diff options
| author | miwi <miwi@FreeBSD.org> | 2007-03-16 19:24:04 +0800 |
|---|---|---|
| committer | miwi <miwi@FreeBSD.org> | 2007-03-16 19:24:04 +0800 |
| commit | 8f4c627412177bf7d437ad461b9687e5c5fa2d74 (patch) | |
| tree | 21f9356f684ba58a5b2c8b0dca2fad25f3580cd0 | |
| parent | fd1e0c5e75721749e456aabd3cd89323d5eb9ca9 (diff) | |
| download | freebsd-ports-gnome-8f4c627412177bf7d437ad461b9687e5c5fa2d74.tar.gz freebsd-ports-gnome-8f4c627412177bf7d437ad461b9687e5c5fa2d74.tar.zst freebsd-ports-gnome-8f4c627412177bf7d437ad461b9687e5c5fa2d74.zip | |
- Update to 0.4.0
PR: 110272
Submitted by: Christian Lackas <delta@lackas.net> (maintainer)
| -rw-r--r-- | security/vpnc/Makefile | 11 | ||||
| -rw-r--r-- | security/vpnc/distinfo | 6 | ||||
| -rw-r--r-- | security/vpnc/files/patch-Makefile | 29 | ||||
| -rw-r--r-- | security/vpnc/files/patch-config.c | 14 | ||||
| -rw-r--r-- | security/vpnc/files/patch-tunip.c | 48 | ||||
| -rw-r--r-- | security/vpnc/files/patch-vpnc-disconnect | 4 | ||||
| -rw-r--r-- | security/vpnc/files/patch-vpnc-script | 55 | ||||
| -rw-r--r-- | security/vpnc/files/patch-vpnc.8 | 237 | ||||
| -rw-r--r-- | security/vpnc/pkg-descr | 10 | ||||
| -rw-r--r-- | security/vpnc/pkg-message | 9 |
10 files changed, 45 insertions, 378 deletions
diff --git a/security/vpnc/Makefile b/security/vpnc/Makefile index 346d9a4d2cd9..9a5d76653d99 100644 --- a/security/vpnc/Makefile +++ b/security/vpnc/Makefile @@ -6,8 +6,7 @@ # PORTNAME= vpnc -PORTVERSION= 0.3.3 -PORTREVISION= 5 +PORTVERSION= 0.4.0 CATEGORIES= security MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -20,13 +19,14 @@ USE_GMAKE= yes ALL_TARGET= vpnc USE_RC_SUBR= vpnc +USE_PERL5_BUILD= yes PLIST_FILES= sbin/vpnc \ sbin/vpnc-script \ sbin/vpnc-disconnect \ etc/vpnc.conf.sample -PORTDOCS= README ChangeLog TODO +PORTDOCS= README TODO MAN8= vpnc.8 .include <bsd.port.pre.mk> @@ -35,7 +35,7 @@ post-patch: @${REINPLACE_CMD} -e \ 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/config.c @${REINPLACE_CMD} -e \ - 's|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \ + 's|%%PREFIX%%|${PREFIX}|;s|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \ ${WRKSRC}/Makefile do-install: @@ -52,7 +52,4 @@ do-install: @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} .endif -post-install: - @${CAT} ${PKGMESSAGE} - .include <bsd.port.post.mk> diff --git a/security/vpnc/distinfo b/security/vpnc/distinfo index 202cee7c9784..e6267c6e0460 100644 --- a/security/vpnc/distinfo +++ b/security/vpnc/distinfo @@ -1,3 +1,3 @@ -MD5 (vpnc-0.3.3.tar.gz) = e7518cff21326fe7eb9795b60c25ae6a -SHA256 (vpnc-0.3.3.tar.gz) = be4a8e87b044cb99349e71e6879446739dd537dbde13e99ec61817ed67605bd7 -SIZE (vpnc-0.3.3.tar.gz) = 59939 +MD5 (vpnc-0.4.0.tar.gz) = 604807e7dd90fce00a4e2344ee29c76d +SHA256 (vpnc-0.4.0.tar.gz) = f91c6bc2547cb503fde4f244ba82304553fec3954c65521482f8db2491700586 +SIZE (vpnc-0.4.0.tar.gz) = 75491 diff --git a/security/vpnc/files/patch-Makefile b/security/vpnc/files/patch-Makefile index ff63c0b80845..7752c81336d0 100644 --- a/security/vpnc/files/patch-Makefile +++ b/security/vpnc/files/patch-Makefile @@ -1,15 +1,20 @@ ---- Makefile.orig Sun Apr 25 02:43:56 2004 -+++ Makefile Sun Apr 25 02:44:38 2004 -@@ -15,9 +15,9 @@ - # along with this program; if not, write to the Free Software - # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +--- Makefile.orig Tue Mar 13 15:58:08 2007 ++++ Makefile Tue Mar 13 15:59:50 2007 +@@ -20,7 +20,7 @@ + # $Id: patch-Makefile,v 1.5 2007/03/13 15:30:29 lackas Exp $ + + DESTDIR= +-PREFIX=/usr/local ++PREFIX=%%PREFIX%% + ETCDIR=/etc/vpnc + BINDIR=$(PREFIX)/bin + SBINDIR=$(PREFIX)/sbin +@@ -34,7 +34,7 @@ + VERSION := $(shell sh mk-version) + RELEASE_VERSION := $(shell cat VERSION) -CC=gcc --CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) --LDFLAGS=-g $(shell libgcrypt-config --libs) +CC=%%CC%% -+CFLAGS=-W -Wall %%CFLAGS%% '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) -+LDFLAGS=$(shell libgcrypt-config --libs) - - ifeq ($(shell uname -s), Linux) - SYSDEP=sysdep-linux.o + CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g + CPPFLAGS = -DVERSION=\"$(VERSION)\" + LDFLAGS = -g $(shell libgcrypt-config --libs) diff --git a/security/vpnc/files/patch-config.c b/security/vpnc/files/patch-config.c index 9a3fe1a6f43e..1aaf9d85e3f7 100644 --- a/security/vpnc/files/patch-config.c +++ b/security/vpnc/files/patch-config.c @@ -1,6 +1,6 @@ ---- config.c.orig Sun May 1 22:06:36 2005 -+++ config.c Tue Aug 2 20:18:29 2005 -@@ -125,12 +125,12 @@ +--- config.c.orig Fri Feb 16 18:22:06 2007 ++++ config.c Tue Mar 13 16:11:53 2007 +@@ -251,12 +251,12 @@ static const char *config_def_script(void) { @@ -14,15 +14,15 @@ + return "/var/run/vpnc.pid"; } - static const struct config_names_s { -@@ -520,8 +520,8 @@ + static const char *config_def_vendor(void) +@@ -701,8 +701,8 @@ } - + if (!got_conffile) { - read_config_file("/etc/vpnc/default.conf", config, 1); - read_config_file("/etc/vpnc.conf", config, 1); + read_config_file("%%PREFIX%%/etc/vpnc/default.conf", config, 1); + read_config_file("%%PREFIX%%/etc/vpnc.conf", config, 1); } - + if (!print_config) { diff --git a/security/vpnc/files/patch-tunip.c b/security/vpnc/files/patch-tunip.c deleted file mode 100644 index 98a647cd8c74..000000000000 --- a/security/vpnc/files/patch-tunip.c +++ /dev/null @@ -1,48 +0,0 @@ -Index: tunip.c -=================================================================== ---- tunip.c (revision 67) -+++ tunip.c (working copy) -@@ -3,6 +3,7 @@ - Copyright (C) 2002 Geoffrey Keating - Copyright (C) 2003-2005 Maurice Massar - Copyright (C) 2004 Tomas Mraz -+ Copyright (C) 2006 Daniel Roethlisberger - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -776,7 +777,16 @@ - { - int sock; - struct pollfd pollfds[2]; -+ int enable_keepalives; -+ int poll_timeout; - -+ /* non-esp marker, nat keepalive payload (0xFF) */ -+ char keepalive[5] = { 0x00, 0x00, 0x00, 0x00, 0xFF }; -+ -+ /* send keepalives if UDP encapsulation is enabled */ -+ enable_keepalives = !strcmp(meth->name, "udpesp"); -+ poll_timeout = enable_keepalives ? 20000 : -1; -+ - pollfds[0].fd = tun_fd; - pollfds[0].events = POLLIN; - pollfds[1].fd = encap_get_fd(meth); -@@ -786,8 +796,16 @@ - int presult; - - do { -- presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), -1); -- } while (presult == -1 && errno == EINTR && !do_kill); -+ presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), poll_timeout); -+ if (presult == 0 && enable_keepalives) { -+ /* send nat keepalive packet */ -+ if(sendto(meth->fd, keepalive, sizeof(keepalive), 0, -+ (struct sockaddr*)&peer->remote_sa->dest, -+ sizeof(peer->remote_sa->dest)) == -1) { -+ syslog(LOG_ERR, "sendto: %m"); -+ } -+ } -+ } while ((presult == 0 || (presult == -1 && errno == EINTR)) && !do_kill); - if (presult == -1) { - syslog(LOG_ERR, "poll: %m"); - continue; diff --git a/security/vpnc/files/patch-vpnc-disconnect b/security/vpnc/files/patch-vpnc-disconnect index 80c271ff31c4..72d9315feae2 100644 --- a/security/vpnc/files/patch-vpnc-disconnect +++ b/security/vpnc/files/patch-vpnc-disconnect @@ -1,5 +1,5 @@ ---- vpnc-disconnect.orig Fri May 27 12:27:48 2005 -+++ vpnc-disconnect Fri May 27 12:28:02 2005 +--- vpnc-disconnect.orig Tue Mar 13 16:27:11 2007 ++++ vpnc-disconnect Tue Mar 13 16:27:17 2007 @@ -1,6 +1,6 @@ #!/bin/sh diff --git a/security/vpnc/files/patch-vpnc-script b/security/vpnc/files/patch-vpnc-script index 414cbdde1e07..e1f037b85b00 100644 --- a/security/vpnc/files/patch-vpnc-script +++ b/security/vpnc/files/patch-vpnc-script @@ -1,54 +1,13 @@ ---- vpnc-script.orig Thu May 5 19:05:18 2005 -+++ vpnc-script Fri May 27 12:21:50 2005 -@@ -19,8 +19,8 @@ - #set -x +--- vpnc-script.orig Tue Mar 13 16:03:06 2007 ++++ vpnc-script Tue Mar 13 16:03:24 2007 +@@ -31,8 +31,8 @@ + ;; + esac - OS="`uname -s`" -DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute -RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup +DEFAULT_ROUTE_FILE=/var/run/vpnc.defaultroute +RESOLV_CONF_BACKUP=/var/run/vpnc.resolv.conf-backup - IPROUTE="`which ip 2> /dev/null`" - -@@ -117,7 +117,7 @@ - } - else - get_default_gw() { -- netstat -r -n | grep '^0.0.0.0' | awk '{print $2}' -+ netstat -r -n | grep '^default' | awk '{print $2}' - } - - set_vpngateway_route() { -@@ -219,11 +219,14 @@ - do_ifconfig - set_vpngateway_route - if [ -n "$CISCO_SPLIT_INC" ]; then -- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ # for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ i=0 -+ while [ $i -lt ${CISCO_SPLIT_INC} ]; do - eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" - eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" - eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" - set_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" -+ i=`expr $i + 1` - done - for i in $INTERNAL_IP4_DNS ; do - set_network_route "$i" "255.255.255.255" "32" -@@ -239,11 +242,14 @@ - - do_disconnect() { - if [ -n "$CISCO_SPLIT_INC" ]; then -- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ # for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ i=0 -+ while [ $i -lt ${CISCO_SPLIT_INC} ]; do - eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" - eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" - eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" - del_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" -+ i=`expr $i + 1` - done - for i in $INTERNAL_IP4_DNS ; do - del_network_route "$i" "255.255.255.255" "32" + # some systems, eg. Darwin & FreeBSD, prune /var/run on boot + if ! [ -d "/var/run/vpnc" ]; then diff --git a/security/vpnc/files/patch-vpnc.8 b/security/vpnc/files/patch-vpnc.8 deleted file mode 100644 index 091df862922e..000000000000 --- a/security/vpnc/files/patch-vpnc.8 +++ /dev/null @@ -1,237 +0,0 @@ ---- vpnc.8.dist Wed Nov 17 15:19:42 2004 -+++ vpnc.8 Wed Nov 17 15:20:40 2004 -@@ -1,18 +1,45 @@ --.TH "VPNC" "8" "13 Mai 2004" "Debian" "vpnc" -+.\" groff -man -Tascii vpnc.8 -+.TH "VPNC" "8" "Mai 2004" "FreeBSD" "vpnc" - - .SH NAME --vpnc \- client for Cisco VPN3000 Concentrator, IOS and PIX -+vpnc \- client for cisco3000 VPN Concentrator - .SH SYNOPSIS - --see --.B vpnc \-\-long\-help -+.B vpnc [ \-\-gateway -+.I <IP or hostname> -+.B ] [ \-\-id -+.I <IPSec group Id> -+.B ] [ \-\-username -+.I <user name> -+.B ] [ \-\-script -+.I <command> -+.B ] [ \-\-domain -+.I <domain name> -+.B ] [ \-\-dh -+.I <dh1/dh2/dh5> -+.B ] [ \-\-pfs -+.I <nopfs/dh1/dh2/dh5/server> -+.B ] [ \-\-enable-1des -+.B ] [ \-\-application-version -+.I <version string> -+.B ] [ \-\-ifname -+.I <interface> -+.B ] [ \-\-debug -+.I <0/1/2/3/99> -+.B ] [ \-\-no-detach -+.B ] [ \-\-pid-file -+.I <filename> -+.B ] [ \-\-local-port -+.I <0-65535> -+.B ] [ \-\-non-inter -+.B ] [ \-\-udp -+.B ] [ \-\-udp-port <0-65535> -+.B ] [ \-\-disable-natt -+.B ] -+ - - .SH "DESCRIPTION" - .PP --This manual page documents briefly the --\fBvpnc\fR, \fBvpnc\-connect\fR and --\fBvpnc\-disconnect\fR commands. --.PP - \fBvpnc\fR is a - VPN client for the Cisco 3000 VPN Concentrator, creating a IPSec-like - connection as a tunneling network device for the local system. It uses -@@ -20,7 +47,7 @@ - on BSD. The created connection is presented as a tunneling network - device to the local system. - .PP --The vpnc daemon by it self does not set any routes, the user (or -+The vpnc daemon by itself does not set any routes, the user (or - the connect script, see below) has to do it on its own, e.g. for a full - tunnel with IP routing under Linux. Further, the user must care about - setting a minimal route to the gateway to not cut the essential -@@ -30,26 +57,17 @@ - command (see \-\-script) to configure the interface and care about the - route setup. By default, only a simple ifconfig command is executed. - .PP --The command \fBvpnc\-connect\fR is a helper script that will assist on --connection invocation and routing configuration. It can also be used to manage configuration files --for multiple VPN connections. The script can be started by the user or --from the daemon (see \-\-script) when the connection is established. In --the first case, it will simply run the daemon after some environment --checks. When executed by the daemon later, it will create a minimalistic --host route to the gateway and configures the default gateway --configuration of Linux to run over the VPN tunnel. --.PP --The \fBvpnc\-disconnect\fR command is used to terminate --the connection previously created by \fBvpnc\-connect\fR --and restore the previous routing configuration. -+The script installed at \fB%%PREFIX%%/etc/rc.d/vpnc.sh.sample\fR contains an example -+of how to set up a tunnel. The \fBvpnc.sh.sample-fulltunnel\fR is are more intelligent -+script to set up a full tunnel. - - .SH CONFIGURATION - The daemon reads configuration data from the following places: - .PD 0 - .IP "- command line options" - .IP "- config file(s) specified on the command line" --.IP "- /etc/vpnc/default.conf" --.IP "- /etc/vpnc.conf" -+.IP "- %%PREFIX%%/etc/vpnc/default.conf" -+.IP "- %%PREFIX%%/etc/vpnc.conf" - .IP "- prompting the user if not found above" - - .PP -@@ -73,18 +91,87 @@ - for security reasons) or be stored in a configuration file. - - -+.IP "\-\-gateway <ip/hostname>" -+IP or host name of your IPSec gateway -+ -+.IP "\-\-id <ASCII string>" -+Your group name in <ASCII string> -+ -+.IP "\-\-username <ASCII string>" -+Your username -+ -+.IP "\-\-script <command>" -+The <command> specified here is executed when the connection has been -+established, in order to configure the interface, routing and so on. -+Device name, IP, etc. are passed using enviroment variables, see -+README. This script is executed right after ISAKMP is done, but befor -+tunneling is enabled. Some environment variables (namely TUNDEV and VPNGATEWAY) -+are set and can be used for the detail configuration. Default command: ifconfig -+$TUNDEV inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask -+255.255.255.255 mtu 1412 up. -+ -+.IP "\-\-domain <ASCII string>" -+Domain name for authentication, sometimes needed for authentification -+against Windows NT domains. -+ -+.IP "\-\-dh <dh1/dh2/dh5>" -+Name of the IKE DH Group (default: dh2). -+ -+.IP "\-\-pfs <nopfs/dh1/dh2/dh5/server>" -+Diffie-Hellman group to use for PFS, one of nopfs, dh1, dh2, dh5 or -+server (default: server). -+ -+.IP "\-\-enable\-1des" -+Enables weak Single DES encryption. -+ -+.IP "\-\-application\-version <ASCII string>" -+Application Version to report to the server when identifying ourself -+(default: Cisco Systems VPN Client <vpnc-version>). -+ -+.IP "\-\-ifname <ASCII string>" -+The virtual name of the network interface assigned to the tunnel -+endpoint (default: first available tunX). [Linux only] -+ -+.IP "\-\-debug <0/1/2/3/99>" -+Show verbose debug messages with different verbosity levels. -+A level 99 transscript contains username and password, so -+do NEVER give those files away (use debug 3 instead). -+ -+.IP "\-\-no\-detach" -+Don't detach from the console (go to background) after login. -+ -+.IP "\-\-pid\-file <filename>" -+Store the pid of background process in a file. -+ -+.IP "\-\-local-port <0-65535>" -+Local ISAKMP port number to use (0 == use random port, 500 is default). -+ -+.IP "\-\-non-inter" -+Don't ask anything, exit on missing options. -+ - .IP "\-\-print\-config" -- Prints your configuration; output can be used as vpnc.conf -+Prints your configuration; output can be used as vpnc.conf. -+ -+.IP "\-\-udp" -+Use Cisco-UDP encapsulation of IPSEC traffic. -+ -+.IP "\-\-udp-port" -+Local UDP Encapsulation Port number to use (0 == use random port) -+ -+.IP "\-\-disable-natt" -+Disable use of NAT-T -+ -+.IP "\-\-xauth-inter" -+Enable interactive extended authentification (for challenge -+response auth). -+ - --See output of --.B vpnc \-\-long\-help --for a complete description - - .SH FILES --.I /etc/vpnc.conf -+.I %%PREFIX%%/etc/vpnc.conf - .RS - The default configuration file. You can specify the same config --directives as with command line options and additionaly -+directives as with command line options and additionaly. - .B IPSec secret - and - .B Xauth password -@@ -96,7 +183,7 @@ - for further details. - .RE - --.I /etc/vpnc/*.conf -+.I %%PREFIX%%/etc/vpnc/*.conf - .RS - The vpnc\-connect will read configuration files in this directory when - the config script name (without .conf) is specified on the command line. -@@ -129,7 +216,7 @@ - See also the - .B \-\-print\-config - option to generate a config file, and the example file in the package --documentation directory where more advanced usage is demonstrated. -+documentation directory where more advanced usage is described. - - Advanced features like manual setting of multiple target routes is - documented in the example files of the vpnc package. -@@ -143,18 +230,17 @@ - - .SH AUTHOR - This man-page has been written by Eduard Bloch <blade(at)debian.org> and --Christian Lackas <delta(at)lackas.net>, based on vpnc README by --Maurice Massar <vpnc(at)unix\-ag.uni\-kl.de>. --Permission is --granted to copy, distribute and/or modify this document under --the terms of the GNU General Public License, Version 2 any --later version published by the Free Software Foundation. -+Christian Lackas <delta(at)lackas.net>, based on the vpnc README by -+Maurice Massar <vpnc(at)unix\-ag.uni\-kl.de> and his source code. -+Permission is granted to copy, distribute and/or modify this document -+under the terms of the GNU General Public License, Version 2 any later -+version published by the Free Software Foundation. - .PP - On Debian systems, the complete text of the GNU General Public - License can be found in /usr/share/common\-licenses/GPL. - .SH "SEE ALSO" --.BR ip (8), --.BR ifconfig (8), --.BR route (1), -+.BR tun(4), -+.BR ifconfig(8), -+.BR route(8), - .BR http://www.unix\-ag.uni\-kl.de/~massar/vpnc/ -- -+.BR %%PREFIX%%/etc/rc.d/vpnc.sh.sample-fulltunnel diff --git a/security/vpnc/pkg-descr b/security/vpnc/pkg-descr index 76383a7dfdf1..9c43d780f789 100644 --- a/security/vpnc/pkg-descr +++ b/security/vpnc/pkg-descr @@ -1,8 +1,8 @@ -VPNC - Client for Cisco 3000 VPN Concentrator +VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX -A VPN client compatible with Cisco's EasyVPN equipment. -Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only -shared-secret IPSec authentication, 3DES, MD5, and IP tunneling. -It runs entirely in userspace. +Vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating a +IPSec-like connection as a tunneling network device for the local +system. The created connection is presented as a tunneling network +device to the local system. The daemon runs entirely in userspace. WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/ diff --git a/security/vpnc/pkg-message b/security/vpnc/pkg-message deleted file mode 100644 index 25b7f0377345..000000000000 --- a/security/vpnc/pkg-message +++ /dev/null @@ -1,9 +0,0 @@ -If vpnc under FreeBSD 4 fails with - - socket(SOCK_RAW): Protocol not supported - -check your kernel configuration. The ESP protocol may be only -enabled for FAST_IPSEC (this cannot be configured together with -IPSEC). See LINT for further details. - -Under FreeBSD 5 vpnc should work without any IPSEC enabled. |