From 91d7f4fde5d1a708d5acddfed8494fcf9a6715dd Mon Sep 17 00:00:00 2001
From: "Brian S. Stephan" <bss@incorporeal.org>
Date: Mon, 10 Apr 2023 19:33:43 -0500
Subject: [PATCH] copy gentoo net-irc/unrealircd

---
 net-irc/unrealircd/Manifest                   |  12 ++
 ...unrealircd-6.0.4.2-configure-clang16.patch |  64 ++++++
 net-irc/unrealircd/files/unrealircd.confd-r4  |  37 ++++
 net-irc/unrealircd/files/unrealircd.initd-r3  |  63 ++++++
 net-irc/unrealircd/files/unrealircd.service   |  11 +
 net-irc/unrealircd/files/unrealircd.tmpfiles  |   2 +
 net-irc/unrealircd/metadata.xml               |  22 ++
 net-irc/unrealircd/unrealircd-5.2.4-r1.ebuild | 178 ++++++++++++++++
 net-irc/unrealircd/unrealircd-6.0.4.2.ebuild  | 195 ++++++++++++++++++
 9 files changed, 584 insertions(+)
 create mode 100644 net-irc/unrealircd/Manifest
 create mode 100644 net-irc/unrealircd/files/unrealircd-6.0.4.2-configure-clang16.patch
 create mode 100644 net-irc/unrealircd/files/unrealircd.confd-r4
 create mode 100644 net-irc/unrealircd/files/unrealircd.initd-r3
 create mode 100644 net-irc/unrealircd/files/unrealircd.service
 create mode 100644 net-irc/unrealircd/files/unrealircd.tmpfiles
 create mode 100644 net-irc/unrealircd/metadata.xml
 create mode 100644 net-irc/unrealircd/unrealircd-5.2.4-r1.ebuild
 create mode 100644 net-irc/unrealircd/unrealircd-6.0.4.2.ebuild

diff --git a/net-irc/unrealircd/Manifest b/net-irc/unrealircd/Manifest
new file mode 100644
index 0000000..19c810b
--- /dev/null
+++ b/net-irc/unrealircd/Manifest
@@ -0,0 +1,12 @@
+AUX unrealircd-6.0.4.2-configure-clang16.patch 3090 BLAKE2B f8c7907e7b8216e3b765a10e14cce5aa861780abc3885fa89108a04ad2b91784b54e04964d88796c9e4e4e974675bd1342940315a2ba772a37e5a34649c2c668 SHA512 bd0adc9ca010e3bb7ce13bec7d749e389ff249b47d11d08ebd33dbbad468621a702eae28cf25938452f1e727a9156cc9d43c7dff81abffb38cc46b484ef0d9e2
+AUX unrealircd.confd-r4 1458 BLAKE2B d7687443262931323142a4b14a484988386610f610fcce6321a45333feadb58c5849ae8743bedb19540b02045f72a5ee6f07299e1bcadc089bf93358f04b8d8c SHA512 90f6f5985dfe15ac400aa133d1404099c11fca4a2f0c3a21e4cd996051fb27bd131074dba576b2e6b8961d70ec98cc43f750ecf94483e050c0a3886d45249d3d
+AUX unrealircd.initd-r3 2172 BLAKE2B 76aea4ea6083a4b8ac4fe49ecf1cd3ce3a35747f83a745be6fcca2dba11402df7ce2c28b480959dafd92606b9a41cc3b63a22cd47ca9035431b387154a2b5789 SHA512 dd962a299135e99c089fab41f0393f8afde5ce368eb50eb942f1563e34d771e31f75e4add821dae4a9739ca21c34ee5d8bd85931c9fa9c06be7fed4170473ef0
+AUX unrealircd.service 177 BLAKE2B 9a58ce4e7785a66beac53afa2ecd276dd6f8e9927de8dfc3e9eab968008ad681a8b9f353bff4951bba8023d5c04affda6b58fde5db8232d0f1f9ae3e470424f0 SHA512 99163776104f2f27a585332004221fac16a9fbf9c8930b0603b5f33aca4c5ac13bdded4d5917143796b3893a19d2f709b0c4d4d635d85bd681f643b3b59131f5
+AUX unrealircd.tmpfiles 45 BLAKE2B 302201c42d7ebc272dfabfe36b49d583ce18c3d10d7348763a710ac7a3bb853a8c5b4d1cb2444773f128eb988d6d95e73617ceb5742a14da61096a8eaed8705c SHA512 4812c3c509461085665dcfdd38a082eed2aba9b5c175cc28f893ae42d8a00f72c3cfcd5195c6224667284df4ee58274e2a782dcfc6b5a9cb8ce9d323961fa6cd
+DIST unrealircd-5.2.4.tar.gz 7201203 BLAKE2B 06afc8b5e28bbd56971b2ce21da3e000e39366444472786891bfe000754f5fed37b59850f9539b4f01914d6b33c1f9f17a15fe69569620ba5213f39fce1cfcad SHA512 b6784d011bc56b0b8253d61fb1edddb2133e791e9ce4ae978f90059563d11f3f7b3ebca1cf13765b4077ebc39f0699e101bdfc71cbb0c5cf51d508c5a5fdacb3
+DIST unrealircd-5.2.4.tar.gz.asc 866 BLAKE2B 9fc520e93f80a548650b016690036c4e9957e81095f75c34489eb0b83d28548a891196469199cf354207c44b22aaeecfc696995842e9b278ab10fdf5bdb8d7f6 SHA512 0d85a668e2cc3f3d736f3a321e282ecb1fd94d5f605e0e40e8c84a17a6486f8e0d299ec673fe7688fca3ead847f432144ff077547cc90321534406fbe084804b
+DIST unrealircd-6.0.4.2.tar.gz 8698501 BLAKE2B e5252dc3e4b332adbbd5a2d435d5be14a7745777dd53b8fa72b79d4cba2c1c92c0f9381b62b9c3031f48347f2ce7086d44f619cb4ec1b4f3a4cd2020f391643b SHA512 2677834660f9e6123ddf5121d9a46908f6071070cc9da085884d6c6ccec9fefc5429effa2890527a1e162984f1c5cd57bcd9cd488e8713613af84fb6d507207d
+DIST unrealircd-6.0.4.2.tar.gz.asc 866 BLAKE2B cdfee99a09479d6099ef42e4caa05024b682f35a7d6302b1baa2ac4697b2b430856d9cbd00f0361360050ce5f2a0478dd9c6e1dbb86ec5714de24e5edcfeaeb7 SHA512 3bbad079c486bd072694f246306094a5cdfc7648f49a9ec40743453bec78173454667243a05870a8a19320b31843dfcd15d962d04758cf97cccd8854dbfdfea4
+EBUILD unrealircd-5.2.4-r1.ebuild 5491 BLAKE2B a82c2aab7db44a19a1d752434d86f092e90c7ac88931a45bf1c7f12d0459759eef445ba73d03f9ba828debe30b79d56bd4b2d0d828462f1b21799b883469ebe6 SHA512 ba0fe9538fdc7bf601e318b30b3529fcb0c5da14c71689c7e2fe6ce2e4465d74c6e72ec4aab2db1ad6a20d7267feba745a302c068f2542a278c72b984b4aaa5f
+EBUILD unrealircd-6.0.4.2.ebuild 5948 BLAKE2B 967806cfeb0a4eb8df73ab60fe00bd11f3c09298854516825bb8a11728c810e22bc9d769da715afc0a37f27e90cba1d574de186ff085d6d30dfea208e9b19561 SHA512 11c43244a9febe879a28b8f44c20f080f0a775a989dc4706073ab7f483e0e096f14c553d7b8989f8d2db977c1f08ed3cc298b50960f82cff1a64d7b853c131c2
+MISC metadata.xml 978 BLAKE2B 7149e20723b563c08f93a7383b4f934104c24c945a4cf07510a7945d418a824db990eec1fca839f67c739296e519e67033b4181c7fbf0761336053dfd68a1898 SHA512 926d227e04485b71ce6f6cce4f8addebd4479837d5b9f4bb412f391edd74d72d38aefbe9275bc2a45ee25117990ceeb796722f7753c082e987dc09d07c277987
diff --git a/net-irc/unrealircd/files/unrealircd-6.0.4.2-configure-clang16.patch b/net-irc/unrealircd/files/unrealircd-6.0.4.2-configure-clang16.patch
new file mode 100644
index 0000000..d884a10
--- /dev/null
+++ b/net-irc/unrealircd/files/unrealircd-6.0.4.2-configure-clang16.patch
@@ -0,0 +1,64 @@
+https://github.com/unrealircd/unrealircd/pull/242
+
+From 3246e472842237ac9e655e254380c4dd8fea7abc Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sun, 18 Dec 2022 06:18:51 +0000
+Subject: [PATCH] configure.ac: fix -Wimplicit-function-declaration
+
+Clang 16 makes -Wimplicit-function-declaration error by default.
+
+Unfortunately, this can lead to misconfiguration or miscompilation of software as configure
+tests may then return the wrong result.
+
+We also fix -Wstrict-prototypes while here as it's easy to do and it prepares
+us for C23.
+
+Fixes the following:
+```
+configure:6250: checking if your system has IPv6 support
+configure:6275: x86_64-pc-linux-gnu-gcc -o conftest -O2 -pipe -march=native -fdiagnostics-color=always -frecord-gcc-switches -Wreturn-type      -ggdb3 -Werror=implicit-function-declaration -Werror=implicit-int -fno-strict-aliasing -fno-common -funsigned-char -Wall -Wextra -Waggregate-return -Wformat-nonliteral -Wduplicated-cond -Wduplicated-branches -Wparentheses -Wno-pointer-sign -Wno-format-zero-length -Wno-format-truncation -Wno-format-overflow -Wno-unused -Wno-unused-parameter -Wno-unused-but-set-parameter -Wno-char-subscripts -Wno-sign-compare -Wno-empty-body -Wno-pragmas  -Wl,-O1 -Wl,--as-needed -Wl,--defsym=__gentoo_check_ldflags__=0 -Wl,-z,pack-relative-relocs conftest.c  >&5
+conftest.c: In function 'main':
+conftest.c:30:1: error: implicit declaration of function 'exit' [-Werror=implicit-function-declaration]
+   30 | exit(0); /* We only check if the code compiles, that's enough. We can deal with missing runtime IPv6 */
+      | ^~~~
+conftest.c:28:1: note: include '<stdlib.h>' or provide a declaration of 'exit'
+   27 | #include <sys/socket.h>
+  +++ |+#include <stdlib.h>
+   28 | int main() {
+conftest.c:30:1: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
+   30 | exit(0); /* We only check if the code compiles, that's enough. We can deal with missing runtime IPv6 */
+      | ^~~~
+conftest.c:30:1: note: include '<stdlib.h>' or provide a declaration of 'exit'
+cc1: some warnings being treated as errors
+configure:6275: $? = 1
+```
+
+For more information, see LWN.net [0] or LLVM's Discourse [1], the Gentoo wiki [2],
+or the (new) c-std-porting mailing list [3].
+
+[0] https://lwn.net/Articles/913505/
+[1] https://discourse.llvm.org/t/configure-script-breakage-with-the-new-werror-implicit-function-declaration/65213
+[2] https://wiki.gentoo.org/wiki/Modern_C_porting
+[3] hosted at lists.linux.dev.
+--- a/configure.ac
++++ b/configure.ac
+@@ -326,7 +326,7 @@ fi
+ ])
+ AC_CACHE_CHECK(if your system prepends an underscore on symbols,ac_cv_underscore,[
+ cat >uscore.c << __EOF__
+-int main() {
++int main(void) {
+ 	return 0;
+ }
+ __EOF__
+@@ -354,7 +354,8 @@ AC_CACHE_CHECK([if your system has IPv6 support], [ac_cv_ip6], [
+ AC_TRY_RUN([
+ #include <sys/types.h>
+ #include <sys/socket.h>
+-int main() {
++#include <stdlib.h>
++int main(void) {
+ int s = socket(AF_INET6, SOCK_STREAM, 0);
+ exit(0); /* We only check if the code compiles, that's enough. We can deal with missing runtime IPv6 */
+ }
+
diff --git a/net-irc/unrealircd/files/unrealircd.confd-r4 b/net-irc/unrealircd/files/unrealircd.confd-r4
new file mode 100644
index 0000000..934ac0e
--- /dev/null
+++ b/net-irc/unrealircd/files/unrealircd.confd-r4
@@ -0,0 +1,37 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Where to chroot to
+# Uncomment this line for chrooting
+#UNREALIRCD_CHROOT="/var/chroot/ircd"
+UNREALIRCD_CHROOT=""
+
+# Which configuration file to load instead of unrealircd.conf. If you
+# want to run multiple instances of unrealircd, you must edit
+# files::pidfile to match UNREALIRCD_PIDFILE. You should also ensure
+# that files::tunefile is different for each unrealircd instance. See
+# https://www.unrealircd.org/docs/Configuration#Files_block
+#
+# To support multiple instances of unrealircd, you may create symlinks
+# in /etc/init.d pointing to /etc/init.d/unrealircd. It is recommended
+# that the scheme unrealircd.${instance_name} be used. For each
+# instance, you may make a copy of this file with the appropriate name
+# to override default options specific to that instance.
+UNREALIRCD_CONF="${UNREALIRCD_CHROOT}/etc/unrealircd/${SVCNAME}.conf"
+
+# The path where unrealircd is configured to create its pidfile.
+UNREALIRCD_PIDFILE="${UNREALIRCD_CHROOT}/run/unrealircd/${SVCNAME#unreal}.pid"
+
+# extra options to pass to unrealircd ...
+# You should not specify the -f option here; use
+# UNREALIRCD_CONF instead.
+#
+# [-h servername]
+# [-p portnumber]
+# [-x loglevel]
+# [-t] (to enable debug output)
+UNREALIRCD_OPTS=""
+
+# Extra flags to pass to start-stop-daemon. When initially
+# debugging, removing --quiet may help.
+UNREALIRCD_SSD_OPTS="--quiet"
diff --git a/net-irc/unrealircd/files/unrealircd.initd-r3 b/net-irc/unrealircd/files/unrealircd.initd-r3
new file mode 100644
index 0000000..5bc0300
--- /dev/null
+++ b/net-irc/unrealircd/files/unrealircd.initd-r3
@@ -0,0 +1,63 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Defaults
+: ${UNREALIRCD_CONF:=/etc/unrealircd/${SVCNAME}.conf}
+: ${UNREALIRCD_PIDFILE:=/run/unrealircd/${SVCNAME#unreal}.pid}
+
+# Convenience variable for the chroot bits, not actually user-controllable via conf.d
+UNREALIRCD_USER="unrealircd"
+UNREALIRCD_BIN="/usr/bin/unrealircd"
+UNREALIRCD_COMMAND_ARGS="-F -f ${UNREALIRCD_CONF} ${UNREALIRCD_OPTS}"
+
+# Run the daemon in the foreground and let OpenRC background it.
+# This way the PID file is created securely, as root.
+# https://bugs.unrealircd.org/view.php?id=4990
+# https://bugs.gentoo.org/628434
+command_args="${UNREALIRCD_COMMAND_ARGS}"
+command_background=true
+pidfile="${UNREALIRCD_PIDFILE}"
+
+start_stop_daemon_args="${UNREALIRCD_SSD_OPTS}"
+extra_started_commands="checkconfig reload"
+
+if [ -n "${UNREALIRCD_CHROOT}" ]; then
+	command=/usr/bin/chroot
+	command_args="--userspec ${UNREALIRCD_USER}:${UNREALIRCD_USER} ${UNREALIRCD_CHROOT} ${UNREALIRCD_BIN} ${UNREALIRCD_COMMAND_ARGS}"
+else
+	# We're running it directly so no need for anything special.
+	command="${UNREALIRCD_BIN}"
+	command_user=${UNREALIRCD_USER}
+fi
+
+checkconfig() {
+	# command_args weirdness because we want to preserve the chroot arguments if it's set
+	# Only run the configtest for the main instance; it can't work right now for others (no way to specify config file)
+	[ ${SVCNAME} = unrealircd ] && su -s /bin/sh ${command_user:=root} -c "${command} ${command_args%${UNREALIRCD_COMMAND_ARGS}}" configtest
+}
+
+depend() {
+	use dns net
+	provide ircd
+}
+
+# It is unsafe for the unrealircd user to be able to write to its own
+# PID file, since root will be sending e.g. kill signals to the PID
+# listed in that file. Ensure that we overwrite the ownership and
+# permissions on /run/unrealircd from previous init scripts.
+start_pre() {
+	checkpath --directory --owner root:root --mode 0700 "${UNREALIRCD_CHROOT}"/run/unrealircd
+
+	checkconfig || return $?
+}
+
+reload() {
+	checkconfig || return $?
+
+	ebegin "Reloading ${RC_SVCNAME}"
+	start-stop-daemon --signal HUP \
+			  --pidfile "${pidfile}" \
+			  ${UNREALIRCD_SSD_OPTS}
+	eend $?
+}
diff --git a/net-irc/unrealircd/files/unrealircd.service b/net-irc/unrealircd/files/unrealircd.service
new file mode 100644
index 0000000..5382670
--- /dev/null
+++ b/net-irc/unrealircd/files/unrealircd.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Unrealircd IRC Server Daemon
+After=network.target
+
+[Service]
+Type=forking
+User=unrealircd
+ExecStart=/usr/bin/unrealircd
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-irc/unrealircd/files/unrealircd.tmpfiles b/net-irc/unrealircd/files/unrealircd.tmpfiles
new file mode 100644
index 0000000..37afe71
--- /dev/null
+++ b/net-irc/unrealircd/files/unrealircd.tmpfiles
@@ -0,0 +1,2 @@
+d /run/unrealircd 755 unrealircd unrealircd
+
diff --git a/net-irc/unrealircd/metadata.xml b/net-irc/unrealircd/metadata.xml
new file mode 100644
index 0000000..aa27ed0
--- /dev/null
+++ b/net-irc/unrealircd/metadata.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>kensington@gentoo.org</email>
+		<name>Michael Palimaka</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>sam@gentoo.org</email>
+		<name>Sam James</name>
+	</maintainer>
+	<use>
+		<flag name="class-nofakelag">Enable an unsupported class::options flag called “nofakelag” allowing you to grant fakelag exemption to normal user (instead of just opers).</flag>
+		<flag name="prefixaq">Enable chanadmin and chanowner prefixes</flag>
+		<flag name="showlistmodes">Display channel modes in /LIST (only configured at compiletime)</flag>
+		<flag name="operoverride-verify">Enable requiring opers to invite themselves to +s/+p channels</flag>
+		<flag name="operoverride">Enable OperOverride extension</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">unrealircd/unrealircd</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/net-irc/unrealircd/unrealircd-5.2.4-r1.ebuild b/net-irc/unrealircd/unrealircd-5.2.4-r1.ebuild
new file mode 100644
index 0000000..f3b2643
--- /dev/null
+++ b/net-irc/unrealircd/unrealircd-5.2.4-r1.ebuild
@@ -0,0 +1,178 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+SSL_CERT_MANDATORY=1
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/unrealircd.asc
+inherit autotools ssl-cert systemd verify-sig
+
+DESCRIPTION="An advanced Internet Relay Chat daemon"
+HOMEPAGE="https://www.unrealircd.org/"
+SRC_URI="https://www.unrealircd.org/downloads/${P}.tar.gz"
+SRC_URI+=" verify-sig? ( https://www.unrealircd.org/downloads/${P}.tar.gz.asc )"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="amd64 arm arm64 ppc ~ppc64 x86 ~amd64-linux"
+IUSE="class-nofakelag curl +operoverride operoverride-verify +prefixaq showlistmodes"
+
+RDEPEND="acct-group/unrealircd
+	acct-user/unrealircd
+	>=app-crypt/argon2-20171227-r1:=
+	dev-libs/libpcre2
+	dev-libs/libsodium:=
+	dev-libs/openssl:0=
+	>=net-dns/c-ares-1.7:=
+	virtual/libcrypt:=
+	curl? ( net-misc/curl[adns] )"
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig
+	verify-sig? ( sec-keys/openpgp-keys-unrealircd )"
+
+DOCS=( doc/{Authors,Donation,RELEASE-NOTES.md,tao.of.irc,technical/,translations.txt} )
+
+src_prepare() {
+	# QA check against bundled pkgs
+	rm -r extras || die
+
+	# building third-party modules (which we don't do) cause a sandbox violation
+	# bug 704444
+	echo "" > src/buildmod || die
+
+	sed -e 's/$(MODULEFLAGS)/$(LDFLAGS) &/' -i src/modules/{,*/}Makefile.in || die
+
+	if use class-nofakelag; then
+		sed -i -e 's:^//#undef\( FAKELAG_CONFIGURABLE\):#define\1:' include/config.h || die
+	fi
+
+	# File is missing from the 5.0.9.1 tarball
+	sed -i -e '/unrealircd-upgrade-script/d' configure.ac || die
+
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# Default value for privatelibdir adds a build path to -Wl,-rpath.
+	econf \
+		--with-bindir="${EPREFIX}"/usr/bin \
+		--with-cachedir="${EPREFIX}"/var/lib/${PN} \
+		--with-confdir="${EPREFIX}"/etc/${PN} \
+		--with-datadir="${EPREFIX}"/var/lib/${PN} \
+		--with-docdir="${EPREFIX}"/usr/share/doc/${PF} \
+		--with-logdir="${EPREFIX}"/var/log/${PN} \
+		--with-modulesdir="${EPREFIX}/usr/$(get_libdir)"/${PN}/modules \
+		--without-privatelibdir \
+		--with-pidfile="${EPREFIX}"/run/${PN}/ircd.pid \
+		--with-tmpdir="${EPREFIX}"/var/lib/${PN}/tmp \
+		--with-maxconnections=1024 \
+		--with-nick-history=2000 \
+		--with-permissions=0640 \
+		--with-system-argon2 \
+		--with-system-cares \
+		--with-system-pcre2 \
+		--enable-dynamic-linking \
+		--enable-ssl="${EPREFIX}"/usr \
+		$(use_enable curl libcurl "${EPREFIX}"/usr) \
+		$(use_enable prefixaq) \
+		$(use_with showlistmodes) \
+		$(use_with !operoverride no-operoverride) \
+		$(use_with operoverride-verify)
+}
+
+src_install() {
+	keepdir /var/log/${PN}
+	keepdir /var/lib/${PN}/tmp
+
+	newbin src/ircd ${PN}
+
+	(
+		cd src/modules || die
+		for subdir in $(find . -type d -print); do
+			if [[ -n $(shopt -s nullglob; echo ${subdir}/*.so) ]]; then
+				exeinto /usr/$(get_libdir)/${PN}/modules/"${subdir}"
+				doexe "${subdir}"/*.so
+			fi
+		done
+	)
+
+	insinto /etc/${PN}
+	# Purposefully omitting the examples/ and ssl/ subdirectories. ssl
+	# is redundant with app-misc/ca-certificates and examples will all
+	# be in docs anyway.
+	doins -r doc/conf/{aliases,help}
+	doins doc/conf/*.conf
+	newins doc/conf/examples/example.conf ${PN}.conf
+	keepdir /etc/${PN}/tls
+
+	einstalldocs
+
+	newinitd "${FILESDIR}"/${PN}.initd-r3 ${PN}
+	newconfd "${FILESDIR}"/${PN}.confd-r4 ${PN}
+
+	# config should be read-only
+	fperms -R 0640 /etc/${PN}
+	fperms 0750 /etc/${PN}{,/aliases,/help}
+	fperms 0750 /etc/${PN}/tls
+	# state is editable but not owned by unrealircd directly
+	fperms 0770 /var/log/${PN}
+	fperms 0770 /var/lib/${PN}{,/tmp}
+	fowners -R root:unrealircd /{etc,var/{lib,log}}/${PN}
+
+	# By default looks in /etc/unrealircd/ssl/curl-ca-bundle.crt. Fix
+	# that to look for ca-certificates-provided file instead. %s is
+	# CONFDIR. #618066
+	dosym ../../ssl/certs/ca-certificates.crt /etc/${PN}/tls/curl-ca-bundle.crt
+
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}
+
+pkg_postinst() {
+	# Move docert call from src_install() to install_cert in pkg_postinst for
+	# bug #201682
+	if [[ ! -f "${EROOT}"/etc/${PN}/tls/server.cert.key ]]; then
+		if [[ -f "${EROOT}"/etc/${PN}/ssl/server.cert.key ]]; then
+			ewarn "The location ${PN} looks for SSL certificates has changed"
+			ewarn "from ${EROOT}/etc/${PN}/ssl to ${EROOT}/etc/${PN}/tls."
+			ewarn "Please move your existing certificates."
+		else
+			(
+				umask 0037
+				install_cert /etc/${PN}/tls/server.cert
+				chown unrealircd "${EROOT}"/etc/${PN}/tls/server.cert.*
+				ln -snf server.cert.key "${EROOT}"/etc/${PN}/tls/server.key.pem
+			)
+		fi
+	fi
+
+	local unrealircd_conf="${EROOT}"/etc/${PN}/${PN}.conf
+	# Fix up the default cloak keys.
+	if grep -qe '"and another one";$' "${unrealircd_conf}" && grep -qe '"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";$' "${unrealircd_conf}"; then
+		ebegin "Generating cloak-keys"
+		local keys=(
+			$(su ${PN} -s /bin/sh -c "${PN} -k 2>&1 | tail -n 3")
+		)
+		[[ -n ${keys[0]} || -n ${keys[1]} || -n ${keys[2]} ]]
+		eend $?
+
+		ebegin "Substituting cloak-keys into ${unrealircd_conf}"
+		sed -i \
+			-e '/cloak-keys/ {
+n
+s/"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";/"'"${keys[0]}"'";/
+n
+s/"and another one";/"'"${keys[1]}"'";/
+n
+s/"and another one";/"'"${keys[2]}"'";/
+}' \
+			"${unrealircd_conf}"
+		eend $?
+	fi
+
+	elog "UnrealIRCd will not run until you've set up ${EROOT}/etc/unrealircd/unrealircd.conf"
+	elog
+	elog "You can also configure ${PN} start at boot with rc-update(1)."
+	elog "It is recommended to run unrealircd as an unprivileged user."
+	elog "The provided init.d script does this for you."
+}
diff --git a/net-irc/unrealircd/unrealircd-6.0.4.2.ebuild b/net-irc/unrealircd/unrealircd-6.0.4.2.ebuild
new file mode 100644
index 0000000..17d16a6
--- /dev/null
+++ b/net-irc/unrealircd/unrealircd-6.0.4.2.ebuild
@@ -0,0 +1,195 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+SSL_CERT_MANDATORY=1
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/unrealircd.asc
+inherit autotools ssl-cert systemd tmpfiles verify-sig
+
+DESCRIPTION="An advanced Internet Relay Chat daemon"
+HOMEPAGE="https://www.unrealircd.org/"
+SRC_URI="https://www.unrealircd.org/downloads/${P}.tar.gz"
+SRC_URI+=" verify-sig? ( https://www.unrealircd.org/downloads/${P}.tar.gz.asc )"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~x86 ~amd64-linux"
+IUSE="class-nofakelag curl geoip +operoverride operoverride-verify"
+
+RDEPEND="
+	acct-group/unrealircd
+	acct-user/unrealircd
+	>=app-crypt/argon2-20171227-r1:=
+	dev-libs/libpcre2
+	dev-libs/libsodium:=
+	dev-libs/openssl:=
+	dev-libs/jansson:=
+	>=net-dns/c-ares-1.7:=
+	virtual/libcrypt:=
+	curl? ( net-misc/curl[adns] )
+	geoip? ( dev-libs/libmaxminddb )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	virtual/pkgconfig
+	verify-sig? ( sec-keys/openpgp-keys-unrealircd )
+"
+
+DOCS=( doc/{Authors,Donation,RELEASE-NOTES.md,tao.of.irc,technical/,translations.txt} )
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-6.0.4.2-configure-clang16.patch
+)
+
+src_prepare() {
+	# QA check against bundled pkgs
+	rm -r extras || die
+
+	# building third-party modules (which we don't do) cause a sandbox violation
+	# bug 704444
+	echo "" > src/buildmod || die
+
+	sed -e 's/$(MODULEFLAGS)/$(LDFLAGS) &/' -i src/modules/{,*/}Makefile.in || die
+
+	if use class-nofakelag; then
+		sed -i -e 's:^//#undef\( FAKELAG_CONFIGURABLE\):#define\1:' include/config.h || die
+	fi
+
+	# File is missing from the 5.0.9.1 tarball
+	sed -i -e '/unrealircd-upgrade-script/d' configure.ac || die
+
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# Default value for privatelibdir adds a build path to -Wl,-rpath.
+	econf \
+		--with-bindir="${EPREFIX}"/usr/bin \
+		--with-cachedir="${EPREFIX}"/var/lib/${PN} \
+		--with-confdir="${EPREFIX}"/etc/${PN} \
+		--with-datadir="${EPREFIX}"/var/lib/${PN} \
+		--with-docdir="${EPREFIX}"/usr/share/doc/${PF} \
+		--with-logdir="${EPREFIX}"/var/log/${PN} \
+		--with-modulesdir="${EPREFIX}/usr/$(get_libdir)"/${PN}/modules \
+		--without-privatelibdir \
+		--with-pidfile="${EPREFIX}"/run/${PN}/ircd.pid \
+		--with-tmpdir="${EPREFIX}"/var/lib/${PN}/tmp \
+		--with-maxconnections=1024 \
+		--with-nick-history=2000 \
+		--with-permissions=0640 \
+		--with-system-argon2 \
+		--with-system-cares \
+		--with-system-pcre2 \
+		--with-system-sodium \
+		--with-system-jansson \
+		--enable-dynamic-linking \
+		--with-controlfile="${EPREFIX}"/run/${PN}/unrealircd.ctl \
+		--enable-ssl="${EPREFIX}"/usr \
+		$(use_enable curl libcurl "${EPREFIX}"/usr) \
+		$(use_with !operoverride no-operoverride) \
+		$(use_with operoverride-verify) \
+		$(use_enable geoip libmaxminddb)
+}
+
+src_install() {
+	keepdir /var/log/${PN}
+	keepdir /var/lib/${PN}/tmp
+
+	newbin src/ircd ${PN}
+	dobin src/unrealircdctl
+
+	newtmpfiles "${FILESDIR}"/unrealircd.tmpfiles unrealircd.conf
+
+	(
+		cd src/modules || die
+		for subdir in $(find . -type d -print); do
+			if [[ -n $(shopt -s nullglob; echo ${subdir}/*.so) ]]; then
+				exeinto /usr/$(get_libdir)/${PN}/modules/"${subdir}"
+				doexe "${subdir}"/*.so
+			fi
+		done
+	)
+
+	insinto /etc/${PN}
+	# Purposefully omitting the examples/ and ssl/ subdirectories. ssl
+	# is redundant with app-misc/ca-certificates and examples will all
+	# be in docs anyway.
+	doins -r doc/conf/{aliases,help}
+	doins doc/conf/*.conf
+	newins doc/conf/examples/example.conf ${PN}.conf
+	keepdir /etc/${PN}/tls
+
+	einstalldocs
+
+	newinitd "${FILESDIR}"/${PN}.initd-r3 ${PN}
+	newconfd "${FILESDIR}"/${PN}.confd-r4 ${PN}
+
+	# config should be read-only
+	fperms -R 0640 /etc/${PN}
+	fperms 0750 /etc/${PN}{,/aliases,/help}
+	fperms 0750 /etc/${PN}/tls
+	# state is editable but not owned by unrealircd directly
+	fperms 0770 /var/log/${PN}
+	fperms 0770 /var/lib/${PN}{,/tmp}
+	fowners -R root:unrealircd /{etc,var/{lib,log}}/${PN}
+
+	# By default looks in /etc/unrealircd/ssl/curl-ca-bundle.crt. Fix
+	# that to look for ca-certificates-provided file instead. %s is
+	# CONFDIR. #618066
+	dosym ../../ssl/certs/ca-certificates.crt /etc/${PN}/tls/curl-ca-bundle.crt
+
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}
+
+pkg_postinst() {
+	tmpfiles_process unrealircd.conf
+
+	# Move docert call from src_install() to install_cert in pkg_postinst for
+	# bug #201682
+	if [[ ! -f "${EROOT}"/etc/${PN}/tls/server.cert.key ]]; then
+		if [[ -f "${EROOT}"/etc/${PN}/ssl/server.cert.key ]]; then
+			ewarn "The location ${PN} looks for SSL certificates has changed"
+			ewarn "from ${EROOT}/etc/${PN}/ssl to ${EROOT}/etc/${PN}/tls."
+			ewarn "Please move your existing certificates."
+		else
+			(
+				umask 0037
+				install_cert /etc/${PN}/tls/server.cert
+				chown unrealircd "${EROOT}"/etc/${PN}/tls/server.cert.*
+				ln -snf server.cert.key "${EROOT}"/etc/${PN}/tls/server.key.pem
+			)
+		fi
+	fi
+
+	local unrealircd_conf="${EROOT}"/etc/${PN}/${PN}.conf
+	# Fix up the default cloak keys.
+	if grep -qe '"and another one";$' "${unrealircd_conf}" && grep -qe '"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";$' "${unrealircd_conf}"; then
+		ebegin "Generating cloak-keys"
+		local keys=(
+			$(su ${PN} -s "${EPREFIX}"/bin/sh -c "${PN} -k 2>&1 | tail -n 6 | head -n 3")
+		)
+		[[ -n ${keys[0]} || -n ${keys[1]} || -n ${keys[2]} ]]
+		eend $?
+
+		ebegin "Substituting cloak-keys into ${unrealircd_conf}"
+		sed -i \
+			-e '/cloak-keys/ {
+n
+s/"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";/'${keys[0]}'/
+n
+s/"and another one";/'${keys[1]}'/
+n
+s/"and another one";/'${keys[2]}'/
+}' \
+			"${unrealircd_conf}"
+		eend $?
+	fi
+
+	elog "UnrealIRCd will not run until you've set up ${EROOT}/etc/unrealircd/unrealircd.conf"
+	elog
+	elog "You can also configure ${PN} start at boot with rc-update(1)."
+	elog "It is recommended to run unrealircd as an unprivileged user."
+	elog "The provided init.d script does this for you."
+}