author | sumikawa <sumikawa@FreeBSD.org> | 2005-02-02 02:59:09 +0800 |
---|---|---|
committer | sumikawa <sumikawa@FreeBSD.org> | 2005-02-02 02:59:09 +0800 |
commit | 58ee460ec1e5de087b74382e1f795a1adf2fcc5d (patch) | |
tree | 8c8d9d1b0986e74b16b60c4f723ea9c675a64751 /security/racoon2 | |
parent | a71f0577f08e7e6436b8e23f3386459333f0ebd3 (diff) | |
"racoon2" is a system to exchange and to install security parameters
for the IPsec.
Currently the system supports the following specification:
Internet Key Exchange (IKEv2) Protocol
draft-ietf-ipsec-ikev2-17.txt
(The IKE daemon is not included in the current release due to IPR issue)
Kerberized Internet Negotiation of Keys (KINK)
draft-ietf-kink-kink-06.txt
PF_KEY Key Management API, Version 2
RFC2367
The following protocols will be supported soon.
The Internet Key Exchange (IKE)
RFC2409
WWW: http://www.kame.net/
This port was repocopied from security/racoon.
PR: ports/76814
Diffstat (limited to 'security/racoon2')
-rw-r--r-- | security/racoon2/Makefile | 62 | ||||
-rw-r--r-- | security/racoon2/distinfo | 4 | ||||
-rw-r--r-- | security/racoon2/files/patch-aa | 20 | ||||
-rw-r--r-- | security/racoon2/files/patch-ab | 22 | ||||
-rw-r--r-- | security/racoon2/files/patch-ac | 11 | ||||
-rw-r--r-- | security/racoon2/files/patch-ad | 13 | ||||
-rw-r--r-- | security/racoon2/files/patch-configure | 122 | ||||
-rw-r--r-- | security/racoon2/files/patch-crypto_openssl.c | 42 | ||||
-rw-r--r-- | security/racoon2/files/racoon.sh | 42 | ||||
-rw-r--r-- | security/racoon2/pkg-descr | 31 | ||||
-rw-r--r-- | security/racoon2/pkg-plist | 14 |
11 files changed, 183 insertions, 200 deletions
diff --git a/security/racoon2/Makefile b/security/racoon2/Makefile
index a68efae0f18e..feffbb4a1432 100644
--- a/security/racoon2/Makefile
+++ b/security/racoon2/Makefile
@@ -1,51 +1,55 @@ -# New ports collection makefile for: racoon -# Date created: 4 July 2000 +# New ports collection makefile for: racoon2 +# Date created: 4 Feb 2005 # Whom: sumikawa # # $FreeBSD$ # -PORTNAME= racoon -PORTVERSION= 20040818a -PORTREVISION= 1 +PORTNAME= racoon2 +PORTVERSION= 20050128b CATEGORIES= security net ipv6 -MASTER_SITES= ftp://ftp.kame.net/pub/kame/misc/ +MASTER_SITES= ftp://ftp.kame.net/pub/racoon2/ +EXTRACT_SUFX= .tgz MAINTAINER= sumikawa@FreeBSD.org -COMMENT= KAME racoon IKE daemon - -.if !exists(/usr/lib/libipsec.so.1) && !exists(/lib/libipsec.so.1) -BROKEN= "You must upgrade the OS" -.endif +COMMENT= Racoon2 IPsec daemon USE_RC_SUBR= YES USE_OPENSSL= YES -WRKSRC= ${WRKDIR}/${DISTNAME}/racoon +USE_AUTOCONF_VER=259 +CONFIGURE_TARGET= GNU_CONFIGURE= yes -CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include CFLAGS=-I${LOCALBASE}/include -LDFLAGS+= -L${LOCALBASE}/lib -L${WRKSRC}/../libipsec -CONFIGURE_ARGS+=--enable-debug -CONFIGURE_ARGS+=--enable-ipv6 CONFIGURE_ARGS+=--sysconfdir=${LOCALBASE}/etc -CONFIGURE_ARGS+=--with-pkgversion=freebsd-${PORTVERSION} - -MAN5= racoon.conf.5 -MAN8= racoon.8 -RC_SCRIPTS_SUB= PREFIX=${PREFIX} \ - RC_SUBR=${RC_SUBR} +.if !defined(NOPORTDOCS) +PORTDOCS= INSTALL USAGE.iked USAGE.kinkd USAGE.spmd config-usage.ja.txt +PORTDOCS+= draft-ietf-ipsec-ikev2-17.txt draft-ietf-kink-kink-06.txt +PORTDOCS+= iked-memo.ja.txt kink-spec-supplement.ja.txt +PORTDOCS+= kinkd-data-struct.obj kinkd-impl.ja.txt kinkd-install.ja.txt +PORTDOCS+= kinkd-state-txn.obj libracoon.ja.txt specification.ja.txt +PORTDOCS+= spmif.txt system-message.ja.txt +.endif pre-patch: - ${MV} ${WRKSRC}/racoon.8 ${WRKSRC}/racoon.8.in - -pre-configure: - (cd ${WRKSRC}/../libipsec; make) + (cd ${WRKSRC}/samples ;\ + ${MV} racoon2.conf racoon2.conf.in ;\ + ${MV} init.d-kinkd init.d-kinkd.in ;\ + ${MV} init.d-spmd init.d-spmd.in ;\ + ${MV} rc.d-kinkd rc.d-kinkd.in ;\ + ${MV} rc.d-spmd rc.d-spmd.in ) post-install: - @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e 
s!%%/:S/=/%%!/} \
- ${FILESDIR}/racoon.sh > ${PREFIX}/etc/rc.d/racoon.sh
- @${CHMOD} +x ${PREFIX}/etc/rc.d/racoon.sh
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/COPYRIGHT ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/COPYRIGHT.jp ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README.iked ${DOCSDIR}
+.for FILE in ${PORTDOCS}
+ ${INSTALL_DATA} ${WRKSRC}/doc/${FILE} ${DOCSDIR}
+.endfor
+.endif
 @if [ -z `/sbin/sysctl -a | ${GREP} -q ipsec && echo ipsec` ]; then \
 ${ECHO_MSG} "WARNING: IPsec feature is disabled on this host"; \
 ${ECHO_MSG} " You must build the kernel if you want to run racoon on the host"; \
diff --git a/security/racoon2/distinfo b/security/racoon2/distinfo
index 62ac81a89bd5..4e5615141c2d 100644
--- a/security/racoon2/distinfo
+++ b/security/racoon2/distinfo
@@ -1,2 +1,2 @@
-MD5 (racoon-20040818a.tar.gz) = c983587afc2772c11e4b81c3b4b9dfc4
-SIZE (racoon-20040818a.tar.gz) = 397275
+MD5 (racoon2-20050128b.tgz) = 9c2f6365926485d47d85388a9e586cb6
+SIZE (racoon2-20050128b.tgz) = 503119
diff --git a/security/racoon2/files/patch-aa b/security/racoon2/files/patch-aa
deleted file mode 100644
index b9e78afe4ac3..000000000000
--- a/security/racoon2/files/patch-aa
+++ /dev/null
@@ -1,20 +0,0 @@
---- ../libipsec/Makefile.orig Sun Jun 11 23:54:31 2000
-+++ ../libipsec/Makefile Tue Oct 17 01:06:10 2000
-@@ -25,12 +25,13 @@
- # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- # SUCH DAMAGE.
-
--.if exists(${.CURDIR}/../Makefile.opsys)
--.include "${.CURDIR}/../Makefile.opsys"
--.endif
-+#.if exists(${.CURDIR}/../Makefile.opsys)
-+#.include "${.CURDIR}/../Makefile.opsys"
-+#.endif
-+OPSYS!= uname -s
-
- LIB= ipsec
--CFLAGS+=-g
-+CFLAGS+=-g -I.
- .if (${OPSYS} != "NetBSD")
- CFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6
- .else
diff --git a/security/racoon2/files/patch-ab b/security/racoon2/files/patch-ab
deleted file mode 100644
index e5fb29c03f60..000000000000
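Review bot: The new `MASTER_SITES= ftp://ftp.kame.net/pub/racoon2/` line fetches the distfile over plain FTP, and the only integrity pin visible in this commit is the MD5/SIZE pair in distinfo, which is weak protection for the source of an IPsec key-management daemon. If the ports framework in use accepts it, a stronger digest line such as `SHA256 (racoon2-20050128b.tgz) = <sha256 of the verified distfile>` next to the MD5 entry would close that gap. In the same hunk, the new `pre-patch` recipe joins `cd ${WRKSRC}/samples` to the `${MV}` commands with `;\`, so a failed cd is not guaranteed to stop the renames from running in the wrong directory; `cd ${WRKSRC}/samples && \` stops on failure.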
--- a/security/racoon2/files/patch-ab
+++ /dev/null
@@ -1,22 +0,0 @@
---- Makefile.in.orig Fri Sep 27 07:04:59 2002
-+++ Makefile.in Thu Nov 21 22:28:50 2002
-@@ -7,7 +7,7 @@
- LDFLAGS=@LDFLAGS@
- CPPFLAGS= @CPPFLAGS@
- OPTFLAG=@OPTFLAG@
--CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -DSYSCONFDIR=\"${sysconfdir}\"
-+CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -DSYSCONFDIR=\"${sysconfdir}/racoon\"
- CFLAGS+=-DYY_NO_UNPUT
- CFLAGS+=-I${srcdir}/../libipsec
- LIBS= @LIBS@
-@@ -88,10 +88,6 @@
- $(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5
- -mkdir -p ${sysconfdir}/racoon
- for i in $(CONF); do \
-- if test ! -f ${sysconfdir}/racoon/$$i; then \
-- $(INSTALL) -o bin -g bin -m 444 samples/$$i \
-- ${sysconfdir}/racoon; \
-- fi; \
- $(INSTALL) -o bin -g bin -m 444 samples/$$i \
- ${sysconfdir}/racoon/$$i.dist; \
- done
diff --git a/security/racoon2/files/patch-ac b/security/racoon2/files/patch-ac
deleted file mode 100644
index ee9eba403dd1..000000000000
--- a/security/racoon2/files/patch-ac
+++ /dev/null
@@ -1,11 +0,0 @@
---- configure- Wed Jul 5 16:18:19 2000
-+++ configure Wed Jul 5 16:18:32 2000
-@@ -4021,7 +4021,7 @@
-
- cat >> $CONFIG_STATUS <<EOF
-
--CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf"}
-+CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf racoon.8"}
- EOF
- cat >> $CONFIG_STATUS <<\EOF
- for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
diff --git a/security/racoon2/files/patch-ad b/security/racoon2/files/patch-ad
deleted file mode 100644
index 8b8fb3b81fe0..000000000000
--- a/security/racoon2/files/patch-ad
+++ /dev/null
@@ -1,13 +0,0 @@
---- racoon.8.in.orig Tue Jul 4 21:27:59 2000
-+++ racoon.8.in Wed Jul 5 16:17:43 2000
-@@ -97,8 +97,8 @@
- .El
- .\"
- .Sh FILES
--.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact
--.It Pa /usr/local/v6/etc/racoon.conf
-+.Bl -tag -width @sysconfdir@/racoon/racoon.conf -compact
-+.It Pa @sysconfdir@/racoon/racoon.conf
- default configuration file.
- .It Pa /var/log/racoon.log
- default log file.
diff --git a/security/racoon2/files/patch-configure b/security/racoon2/files/patch-configure
new file mode 100644
index 000000000000..08d42370722a
--- /dev/null
+++ b/security/racoon2/files/patch-configure
@@ -0,0 +1,122 @@
+--- configure.in.orig Thu Jan 27 00:35:13 2005
++++ configure.in Tue Feb 1 17:51:25 2005
+@@ -43,7 +43,7 @@
+ dnl support before 1.5.
+ boot_mech_target=install-rc-d
+ ;;
+-freebsd[5-9].*)
++freebsd*)
+ boot_mech_target=install-rc-d
+ ;;
+ *)
+@@ -51,4 +51,5 @@
+ ;;
+ esac
+
+-AC_OUTPUT([Makefile samples/Makefile])
++AC_OUTPUT([Makefile samples/Makefile samples/racoon2.conf])
++AC_OUTPUT([samples/init.d-kinkd samples/init.d-spmd samples/rc.d-kinkd samples/rc.d-spmd])
+diff -ur samples-/init.d-kinkd.in samples/init.d-kinkd.in
+--- samples-/init.d-kinkd.in Tue Feb 1 17:18:58 2005
++++ samples/init.d-kinkd.in Tue Feb 1 17:18:01 2005
+@@ -3,8 +3,11 @@
+ # kinkd start up script
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ NAME=kinkd
+-DAEMON=/usr/local/racoon2/sbin/$NAME
++DAEMON=@sbindir@/$NAME
+ PIDFILE=/var/run/$NAME.pid
+
+ test -x $DAEMON || exit 0
+diff -ur samples-/init.d-spmd.in samples/init.d-spmd.in
+--- samples-/init.d-spmd.in Tue Feb 1 17:18:58 2005
++++ samples/init.d-spmd.in Tue Feb 1 17:18:01 2005
+@@ -1,7 +1,10 @@
+ #!
/bin/sh
+
+-PATH=/usr/local/racoon2/sbin:/usr/local/racoon2/bin:$PATH
+-DAEMON=/usr/local/racoon2/sbin/spmd
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
++PATH=@sbindir@:@bindir@:$PATH
++DAEMON=@sbindir@/spmd
+ DAEMON_OPT=""
+ NAME="spmd"
+
+diff -ur samples-/rc.d-kinkd.in samples/rc.d-kinkd.in
+--- samples/Makefile.in.orig Wed Jan 26 07:43:52 2005
++++ samples/Makefile.in Tue Feb 1 17:54:30 2005
+@@ -17,8 +17,8 @@
+
+ install-rc-d:
+ $(INSTALL) -d $(sysconfdir)/rc.d
+- $(INSTALL) rc.d-kinkd $(sysconfdir)/rc.d/kinkd
+- $(INSTALL) rc.d-spmd $(sysconfdir)/rc.d/spmd
++ $(INSTALL) rc.d-kinkd $(sysconfdir)/rc.d/kinkd.sh
++ $(INSTALL) rc.d-spmd $(sysconfdir)/rc.d/spmd.sh
+
+ install-init-d:
+ $(INSTALL) -d $(sysconfdir)/init.d
+@@ -32,4 +32,4 @@
+ -rm -f *~
+
+ distclean: clean
+- -rm -f Makefile
++ -rm -f Makefile racoon2.conf init.d-kinkd init.d-spmd rc.d-kinkd rc.d-spmd
+--- samples/rc.d-spmd.in.orig Wed Jan 26 07:43:52 2005
++++ samples/rc.d-spmd.in Tue Feb 1 18:31:31 2005
+@@ -3,6 +3,9 @@
+ # spmd rc.d script for NetBSD
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ # PROVIDE: spmd
+ # REQUIRE: isdnd ppp
+ # BEFORE: SERVERS
+@@ -10,10 +13,10 @@
+ . /etc/rc.subr
+
+ name="spmd"
+-rcvar=$name
+-command="/usr/local/racoon2/sbin/${name}"
++rcvar=`set_rcvar`
++command="@sbindir@/${name}"
+ pidfile="/var/run/${name}.pid"
+-required_files="/usr/local/racoon2/etc/racoon2.conf"
++required_files="@sysconfdir@/racoon2.conf"
+ start_precmd="spmd_precmd"
+
+ spmd_precmd()
+--- samples/rc.d-kinkd.in.orig Tue Jan 11 02:00:29 2005
++++ samples/rc.d-kinkd.in Tue Feb 1 18:31:49 2005
+@@ -3,6 +3,9 @@
+ # kinkd rc.d script for NetBSD
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ # PROVIDE: kink
+ # REQUIRE: isdnd kdc ppp
+ # BEFORE: SERVERS
+@@ -11,10 +14,10 @@
+ .
/etc/rc.subr
+
+ name="kinkd"
+-rcvar=$name
+-command="/usr/local/racoon2/sbin/${name}"
++rcvar=`set_rcvar`
++command="@sbindir@/${name}"
+ pidfile="/var/run/${name}.pid"
+-required_files="/usr/local/racoon2/etc/racoon2.conf"
++required_files="@sysconfdir@/racoon2.conf"
+
+ load_rc_config $name
+ run_rc_command "$1"
diff --git a/security/racoon2/files/patch-crypto_openssl.c b/security/racoon2/files/patch-crypto_openssl.c
deleted file mode 100644
index 3f243d19c8e2..000000000000
--- a/security/racoon2/files/patch-crypto_openssl.c
+++ /dev/null
@@ -1,42 +0,0 @@
---- crypto_openssl.old.c 2004-04-09 22:25:56.000000000 +0530
-+++ crypto_openssl.c 2004-08-02 20:30:03.000000000 +0530
-@@ -1654,6 +1654,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA512_DIGEST_LENGTH != res->l) {
-@@ -1710,6 +1711,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA384_DIGEST_LENGTH != res->l) {
-@@ -1766,6 +1768,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA256_DIGEST_LENGTH != res->l) {
-@@ -1823,6 +1826,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA_DIGEST_LENGTH != res->l) {
-@@ -1879,6 +1883,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (MD5_DIGEST_LENGTH != res->l) {
diff --git a/security/racoon2/files/racoon.sh b/security/racoon2/files/racoon.sh
deleted file mode 100644
index ecde585dad87..000000000000
--- a/security/racoon2/files/racoon.sh
+++ /dev/null
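Review bot: The configure.in part of this new patch registers the extra templates through a second `AC_OUTPUT([samples/init.d-kinkd ...])` call, whereas autoconf expects a single AC_OUTPUT as the last macro in the file. With the autoconf version the port requests (`USE_AUTOCONF_VER=259`), the conventional form is `AC_CONFIG_FILES([samples/racoon2.conf samples/init.d-kinkd samples/init.d-spmd samples/rc.d-kinkd samples/rc.d-spmd])` ahead of the existing one-argument `AC_OUTPUT`. The rc.d templates also keep their "rc.d script for NetBSD" header and `# REQUIRE: isdnd ppp` / `# REQUIRE: isdnd kdc ppp` lines while being installed as `kinkd.sh` and `spmd.sh`; a short comment stating whether those dependencies are meaningful on FreeBSD would help whoever later debugs the start order of the keying daemons.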
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-# Start or stop racoon
-# $FreeBSD$
-
-# PROVIDE: racoon
-# REQUIRE: DAEMON
-# BEFORE: LOGIN
-# KEYWORD: FreeBSD shutdown
-#
-# NOTE for FreeBSD 5.0+:
-# If you want this script to start with the base rc scripts
-# move racoon.sh to /etc/rc.d/racoon
-
-prefix=%%PREFIX%%
-
-# Define these racoon_* variables in one of these files:
-# /etc/rc.conf
-# /etc/rc.conf.local
-# /etc/rc.conf.d/racoon
-#
-# DO NOT CHANGE THESE DEFAULT VALUES HERE
-#
-[ -z "$racoon_enable" ] && racoon_enable="YES" # Enable racoon
-#racoon_program="${prefix}/sbin/racoon" # Location of racoon
-#racoon_flags="" # Flags to racoon program
-
-. %%RC_SUBR%%
-
-name="racoon"
-rcvar=`set_rcvar`
-command="${prefix}/sbin/racoon"
-pidfile="/var/run/racoon.pid"
-required_files="${prefix}/etc/racoon/racoon.conf"
-stop_postcmd="racoon_poststop"
-
-racoon_poststop() {
- /bin/rm -f ${pidfile}
-}
-
-load_rc_config $name
-run_rc_command "$1"
diff --git a/security/racoon2/pkg-descr b/security/racoon2/pkg-descr
index 9470793d9b4b..f646f1b2b11f 100644
--- a/security/racoon2/pkg-descr
+++ b/security/racoon2/pkg-descr
@@ -1,18 +1,21 @@
-racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
-establish security association with other hosts.
+"racoon2" is a system to exchange and to install security parameters
+for the IPsec.
-Known issues:
-- Too many use of dynamic memory allocation, which leads to memory leak.
-- Non-threaded implementation. Simultaneous key negotiation performance
- should be improved.
-- Cannot negotiate keys for per-socket policy.
-- Cryptic configuration syntax - blame IPsec specification too...
-- Needs more documentation.
+Currently the system supports the following specification:
-Design choice, not a bug:
-- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must
- be configured into the kernel separately from racoon. If you want to
- support roaming clients, you may need to have a mechanism to put policy
- for the roaming client after phase 1 finishes.
+ Internet Key Exchange (IKEv2) Protocol
+ draft-ietf-ipsec-ikev2-17.txt
+ (The IKE daemon is not included in the current release due to IPR issue)
+
+ Kerberized Internet Negotiation of Keys (KINK)
+ draft-ietf-kink-kink-06.txt
+
+ PF_KEY Key Management API, Version 2
+ RFC2367
+
+The following protocols will be supported soon.
+
+ The Internet Key Exchange (IKE)
+ RFC2409
 WWW: http://www.kame.net/
diff --git a/security/racoon2/pkg-plist b/security/racoon2/pkg-plist
index d9c289662081..1eb5c981d552 100644
--- a/security/racoon2/pkg-plist
+++ b/security/racoon2/pkg-plist
@@ -1,5 +1,9 @@
-sbin/racoon
-etc/racoon/psk.txt.dist
-etc/racoon/racoon.conf.dist
-etc/rc.d/racoon.sh
-@unexec rmdir %D/etc/racoon 2>/dev/null || true
+sbin/spmd
+sbin/kinkd
+etc/racoon2.conf.sample
+etc/rc.d/spmd.sh
+etc/rc.d/kinkd.sh
+%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT
+%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT.jp
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.iked |