[new package] openconnect 9.12

mingw-w64-openconnect/0001-openconnect-9.12-version.patch

@@ -0,0 +1,14 @@
+diff --git a/version.sh b/version.sh
+index c8dda2f5..bd6f1a35 100755
+--- a/version.sh
++++ b/version.sh
+@@ -13,6 +13,9 @@ if [ -d ${GIT_DIR:-.git} ] && tag=`git describe --tags`; then
+ 		v="$v"-dirty
+ elif [ -n "$RPM_PACKAGE_VERSION" ] && [ -n "$RPM_PACKAGE_RELEASE" ]; then
+ 	v="v$RPM_PACKAGE_VERSION-$RPM_PACKAGE_RELEASE"
++elif [ -n "$MINGW_PACKAGE_VERSION" ] && [ -n "$MINGW_PACKAGE_RELEASE" ]; then
++	#building with makepkg under MSYS
++	v="v$MINGW_PACKAGE_VERSION-$MINGW_PACKAGE_RELEASE"
+ else # XXX: Equivalent for .deb packages?
+ 	v="$v"-unknown
+ fi

mingw-w64-openconnect/0002-openconnect-9.12-configure.patch

@@ -0,0 +1,106 @@
+diff --git a/configure.ac b/configure.ac
+index 54afa25a..8ba1a45f 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -72,7 +72,15 @@ case $host_os in
+     system_pcsc_libs="-lwinscard"
+     system_pcsc_cflags=
+     AC_CHECK_TOOL([WINDRES], [windres], [])
+-    AC_CHECK_TOOL([MAKENSIS], [makensis], [])
++
++    AC_ARG_ENABLE([nsis-installer],
++	AS_HELP_STRING([--disable-nsis-installer], [Do not build an NSIS installer]),
++	[USE_NSIS=$enableval], [USE_NSIS=yes])
++
++    if test "$USE_NSIS" = "yes"; then
++        AC_CHECK_TOOL([MAKENSIS], [makensis], [])
++    fi
++
+     default_browser=open
+
+     case $host_cpu in
+@@ -114,19 +122,34 @@ case $host_os in
+     ;;
+ esac
+ AM_CONDITIONAL(OPENCONNECT_WIN32,  [ test "$have_win" = "yes" ])
+-build_nsis=no
+-if test "${MAKENSIS}" != ""; then
++
++if test "$have_win" = "yes"; then
++   #required for vpnc-script-win.js and wintun
+    AC_CHECK_PROG(have_curl, curl, yes)
+-   if test "${have_curl}" = "yes"; then
+-      build_nsis=yes
+-      if test "${wintun_arch}" != ""; then
+-	 AC_CHECK_PROG(have_unzip, unzip, yes)
+-	 if test "${have_unzip}" != "yes"; then
+-	    wintun_arch=
+-	 fi
++   AC_CHECK_PROG(have_unzip, unzip, yes)
++   AC_CHECK_PROG(have_jq, jq, yes)
++
++   if test "${wintun_arch}" != ""; then
++      if test "${have_curl}" != "yes"; then
++         wintun_arch=
++      else
++         if test "${have_unzip}" != "yes"; then
++            wintun_arch=
++         fi
+       fi
+    fi
+ fi
++
++build_nsis=no
++if test "$MAKENSIS" != ""; then
++    #disable NSIS build if we cannot extract wintun
++    if test "${wintun_arch}" != ""; then
++        build_nsis=yes
++    else
++	AC_MSG_WARN([Disabling NSIS installer since wintun cannot be included])
++    fi
++fi
++
+ AM_CONDITIONAL(BUILD_NSIS, [ test "$build_nsis" = "yes" ])
+ AM_CONDITIONAL(OPENCONNECT_WINTUN, [ test "${wintun_arch}" != "" ])
+
+@@ -160,6 +183,17 @@ if test "$with_vpnc_script" = "yes" || test "$with_vpnc_script" = ""; then
+    AC_MSG_CHECKING([for vpnc-script in standard locations])
+    if test "$have_win" = "yes"; then
+       with_vpnc_script=vpnc-script-win.js
++
++      #downloading and amending vpnc-script-win.js depends on curl and jq. Disable it if they are missing, which *should* cause configure to stop
++
++      if test "${have_curl}" != "yes"; then
++         with_vpnc_script=no
++      else
++         if test "${have_jq}" != "yes"; then
++            with_vpnc_script=no
++         fi
++      fi
++      AC_MSG_RESULT([${with_vpnc_script}])
+    else
+       for with_vpnc_script in /usr/local/share/vpnc-scripts/vpnc-script /usr/local/sbin/vpnc-script /usr/share/vpnc-scripts/vpnc-script /usr/sbin/vpnc-script /etc/vpnc/vpnc-script; do
+          if test -x "$with_vpnc_script"; then
+@@ -185,7 +219,8 @@ if test "$with_vpnc_script" = "yes" || test "$with_vpnc_script" = ""; then
+          AC_MSG_RESULT([${with_vpnc_script}])
+       fi
+    fi
+-elif test "$with_vpnc_script" = "no"; then
++fi
++if test "$with_vpnc_script" = "no"; then
+    AC_MSG_ERROR(You cannot disable vpnc-script.
+    OpenConnect will not function correctly without it.
+    See https://www.infradead.org/openconnect/vpnc-script.html)
+@@ -1500,7 +1535,11 @@ SUMMARY([DSA tests], [$enable_dsa_tests])
+ SUMMARY([PPP tests], [$enable_ppp_tests])
+ SUMMARY([Flask tests], [$have_python36_flask])
+ SUMMARY([Insecure debugging], [$insecure_debugging])
+-SUMMARY([NSIS installer], [$build_nsis])
++if test "$have_win" = "yes"; then
++ SUMMARY([NSIS installer], [$build_nsis])
++ SUMMARY([wintun architecture], [$wintun_arch])
++fi
++SUMMARY([VPNC script], [${with_vpnc_script}])
+
+ if test "$ssl_library" = "OpenSSL"; then
+     AC_MSG_WARN([[

mingw-w64-openconnect/0003-openconnect-9.12-makefile.patch

@@ -0,0 +1,79 @@
+diff --git a/Makefile.am b/Makefile.am
+index 4ce076e0..ce08613f 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -18,6 +18,8 @@ endif
+ lib_LTLIBRARIES = libopenconnect.la
+ sbin_PROGRAMS = openconnect
+ man8_MANS = openconnect.8
++bin_PROGRAMS :=
++sbin_SCRIPTS :=
+ noinst_PROGRAMS :=
+
+ AM_CFLAGS = @WFLAGS@
+@@ -34,6 +36,7 @@ openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(LIBXML2_LIBS) \
+
+ if OPENCONNECT_WIN32
+ openconnect_SOURCES += openconnect.rc
++sbin_SCRIPTS += vpnc-script-win.js
+ endif
+ library_srcs = ssl.c http.c textbuf.c http-auth.c auth-common.c \
+ 	auth-html.c library.c compat.c lzs.c mainloop.c script.c \
+@@ -167,7 +170,16 @@ endif
+ endif
+
+ if OPENCONNECT_SYSTEM_KEYS
++if OPENCONNECT_WIN32
++#install list-system-keys on Windows
++bin_PROGRAMS += list-system-keys
++else
++#Don't install list-system-keys
++#It breaks the Linux COPR builds since the native RPM doesn't list it as
++#one of the files that are expected to be installed.
++#see commit 17887b53e171ec7223340092dc042298a29defb0
+ noinst_PROGRAMS += list-system-keys
++endif #OPENCONNECT_WIN32
+ list_system_keys_SOURCES = list-system-keys.c
+ list_system_keys_CFLAGS = $(GNUTLS_CFLAGS)
+ list_system_keys_LDADD = $(GNUTLS_LIBS)
+@@ -388,13 +400,18 @@ DISTCLEANFILES += .*.dll.d .*.exe.d file-list*.txt instfiles.nsh uninstfiles.nsh
+ #EXTRA_DLLDIRS := $(OPENCONNECT_GUI_DIR)/bin $(libdir)/qt5/plugins/platforms $(libdir)/qt5/plugins/styles
+
+ DLL_EXECUTABLES := openconnect$(EXEEXT) $(EXTRA_EXECUTABLES)
++endif
+
+ if OPENCONNECT_WINTUN
+ WINTUN_DLL = .libs/wintun.dll
+ DISTCLEANFILES += $(WINTUN_DLL)
++sbin_SCRIPTS += .libs/wintun.dll
++if BUILD_NSIS
+ DLL_EXECUTABLES += wintun.dll
+ endif
++endif
+
++if BUILD_NSIS
+ if OPENCONNECT_SYSTEM_KEYS
+ DLL_EXECUTABLES += list-system-keys$(EXEEXT)
+ endif
+@@ -417,6 +434,7 @@ export V AM_DEFAULT_VERBOSITY bindir libdir OBJDUMP DLL_EXECUTABLES EXTRA_DLLDIR
+
+ file-list.txt: Makefile.dlldeps openconnect$(EXEEXT) libopenconnect.la $(WINTUN_DLL)
+ 	@$(MAKE) --no-print-directory -f $< $@
++endif #BUILD_NSIS
+
+ # Wintun Layer 3 TUN driver for Windows 7 and newer
+ # (see https://wintun.net)
+@@ -437,6 +455,7 @@ vpnc-script-win.js:
+ 	    jq -r '.[0] | "// This script matches the version found at " + (.web_url | sub("/commit/"; "/blob/")) + "/vpnc-script-win.js\n// Updated on " + .authored_date[:10] + " by " + .author_name + " <" + .author_email + "> (\"" + .title + "\")\n//"' > $@
+ 	curl https://gitlab.com/openconnect/vpnc-scripts/raw/master/vpnc-script-win.js >> $@
+
++if BUILD_NSIS
+ # Let make find the file in VPATH
+ file-list-%.txt: %
+ 	echo $< > $@
+@@ -484,4 +503,4 @@ openconnect-installer-$(INSTALLER_SUFFIX).exe: openconnect.nsi instfiles.nsh uni
+ 	$(AM_V_MAKENSIS) $(MAKENSIS) $<
+ 	ln -f "$$(grep -E '^OutFile' openconnect.nsi | cut -f2 -d\")" $@
+
+-endif
++endif #BUILD_NSIS

mingw-w64-openconnect/PKGBUILD

@@ -0,0 +1,134 @@
+# Contributor: Marios Paouris <mspaourh@gmail.com>
+
+_realname=openconnect
+pkgbase=mingw-w64-${_realname}
+pkgname=("${MINGW_PACKAGE_PREFIX}-${_realname}"
+         "${MINGW_PACKAGE_PREFIX}-${_realname}-wintun")
+pkgver=9.12
+pkgrel=1
+pkgdesc="Open client for Cisco AnyConnect, Juniper, Pulse, GlobalProtect, F5, Fortinet and Array Networks (IBM Cloud) VPNs. (mingw-w64)"
+arch=('any')
+mingw_arch=('mingw32' 'mingw64' 'ucrt64' 'clang64' 'clang32' 'clangarm64')
+url="https://www.infradead.org/openconnect"
+license=('spdx:LGPL-2.1-or-later')
+makedepends=("${MINGW_PACKAGE_PREFIX}-cc"
+             "${MINGW_PACKAGE_PREFIX}-autotools"
+             "${MINGW_PACKAGE_PREFIX}-curl"
+             "unzip"
+             "${MINGW_PACKAGE_PREFIX}-jq")
+depends=("${MINGW_PACKAGE_PREFIX}-libxml2" 
+         "${MINGW_PACKAGE_PREFIX}-gnutls>=3.6.13"
+         "${MINGW_PACKAGE_PREFIX}-p11-kit"
+         "${MINGW_PACKAGE_PREFIX}-nettle"
+         "${MINGW_PACKAGE_PREFIX}-lz4"
+         "${MINGW_PACKAGE_PREFIX}-zlib"
+         "${MINGW_PACKAGE_PREFIX}-stoken=0.92")
+options=('staticlibs' 'strip')
+source=("https://gitlab.com/openconnect/openconnect/-/archive/v${pkgver}/${_realname}-v${pkgver}.tar.gz"
+        "wintun-0.14.1.zip::https://gitlab.com/openconnect/openconnect-gui/-/raw/edd44c4d181b5333bc499b7e8ff8978f35cea7e8/wintun/wintun-0.14.1.zip?inline=false"
+        "0001-openconnect-9.12-version.patch"
+        "0002-openconnect-9.12-configure.patch"
+        "0003-openconnect-9.12-makefile.patch"
+)
+sha256sums=("c1c22b2bcb92576960c545f09e35ff36142198c21ed766752076fa72eb4070d4"
+            "07c256185d6ee3652e09fa55c0b673e2624b565e02c4b9091c79ca7d2f24ef51"
+            "714830aa86b42bf836612918d11de7b70252d17f13b418745a93e386d4bdd3ee"
+            "067f14c130c217a987da83cbadddaf14f220ae9e34b9e3cac7dcc08c27ed4df3"
+            "129749a3f4c652fa000151d041f6bf27ab84e1ffc9a5aad888078c04b7551573"
+)
+validpgpkeys=('BE07D9FD54809AB2C4B0FF5F63762CDA67E2F359') # David Woodhouse <dwmw2@infradead.org>
+
+# Helper macros to help make tasks easier #
+apply_patch_with_msg() {
+  for _patch in "$@"
+  do
+    msg2 "Applying $_patch"
+    patch -Np1 -i "${srcdir}/$_patch"
+  done
+}
+
+del_file_exists() {
+  for _fname in "$@"
+  do
+    if [ -f $_fname ]; then
+      rm -rf $_fname
+    fi
+  done
+}
+# =========================================== #
+
+prepare() {
+  cd ${srcdir}/${_realname}-v${pkgver}
+
+  apply_patch_with_msg \
+    0001-openconnect-9.12-version.patch \
+    0002-openconnect-9.12-configure.patch \
+    0003-openconnect-9.12-makefile.patch
+
+  ./autogen.sh
+}
+
+build() {
+  #export lt_cv_deplibs_check_method='pass_all'
+  [[ -d "${srcdir}/build-${MSYSTEM}" ]] && rm -rf "${srcdir}/build-${MSYSTEM}"
+  mkdir -p "${srcdir}/build-${MSYSTEM}" && cd "${srcdir}/build-${MSYSTEM}"
+
+  #wintun download from official distribution is unreliable; we download it from openconnect-gui
+  #openconnect's make will also validate it's sha sum
+  cp "${srcdir}/wintun-0.14.1.zip" .
+
+  ../${_realname}-v${pkgver}/configure \
+    --disable-dependency-tracking \
+    --prefix=${MINGW_PREFIX} \
+    --build=${MINGW_CHOST} \
+    --host=${MINGW_CHOST} \
+    --disable-nsis-installer \
+    --with-gnutls \
+    --without-openssl \
+    --without-libpskc \
+    --without-libproxy \
+    --with-vpnc-script=vpnc-script-win.js 
+
+  #set MINGW_PACKAGE vars so version.sh produces the correct version string in version.c
+  MINGW_PACKAGE_VERSION=$pkgver MINGW_PACKAGE_RELEASE=$pkgrel make
+}
+
+check() {
+  cd "${srcdir}/build-${MSYSTEM}"
+  #autocompletion tests fail since autocompletion is not enabled in windows builds
+  #so disable them until it is actually enabled
+  make DESTDIR="${pkgdir}" XFAIL_TESTS="autocompletion" check
+
+}
+
+package_openconnect() {
+  optdepends+=("${MINGW_PACKAGE_PREFIX}-${_realname}-wintun")
+
+  cd "${srcdir}/build-${MSYSTEM}"
+  make DESTDIR="${pkgdir}" install
+
+  #remove wintun.dll from installation; will install it on it's own package
+  rm -f "${pkgdir}${MINGW_PREFIX}/sbin/wintun.dll"
+
+  install -Dm644 "${srcdir}/${_realname}-v${pkgver}/COPYING.LGPL" "${pkgdir}${MINGW_PREFIX}/share/licenses/${_realname}/LICENSE"
+}
+
+package_openconnect-wintun() {
+  depends=()
+  pkgdesc="Wintun Driver for Open client for Cisco AnyConnect, Juniper, Pulse, GlobalProtect, F5, Fortinet and Array Networks (IBM Cloud) VPNs. (mingw-w64)"
+
+  cd "${srcdir}/build-${MSYSTEM}"
+  mkdir -p "${pkgdir}${MINGW_PREFIX}/sbin"
+  install -c .libs/wintun.dll "${pkgdir}${MINGW_PREFIX}/sbin"
+}
+
+# template start; name=mingw-w64-splitpkg-wrappers; version=1.0;
+# vim: set ft=bash :
+
+# generate wrappers
+for _name in "${pkgname[@]}"; do
+  _short="package_${_name#${MINGW_PACKAGE_PREFIX}-}"
+  _func="$(declare -f "${_short}")"
+  eval "${_func/#${_short}/package_${_name}}"
+done
+# template end;