authorsumikawa <sumikawa@FreeBSD.org>2005-02-02 02:59:09 +0800
committersumikawa <sumikawa@FreeBSD.org>2005-02-02 02:59:09 +0800
commit58ee460ec1e5de087b74382e1f795a1adf2fcc5d (patch)
tree8c8d9d1b0986e74b16b60c4f723ea9c675a64751 /security/racoon2
parenta71f0577f08e7e6436b8e23f3386459333f0ebd3 (diff)
"racoon2" is a system to exchange and to install security parameters
for the IPsec. Currently the system supports the following specification: Internet Key Exchange (IKEv2) Protocol draft-ietf-ipsec-ikev2-17.txt (The IKE daemon is not included in the current release due to IPR issue) Kerberized Internet Negotiation of Keys (KINK) draft-ietf-kink-kink-06.txt PF_KEY Key Management API, Version 2 RFC2367 The following protocols will be supported soon. The Internet Key Exchange (IKE) RFC2409 WWW: http://www.kame.net/ This port was repocopied from security/racoon. PR: ports/76814
Diffstat (limited to 'security/racoon2')
-rw-r--r--security/racoon2/Makefile62
-rw-r--r--security/racoon2/distinfo4
-rw-r--r--security/racoon2/files/patch-aa20
-rw-r--r--security/racoon2/files/patch-ab22
-rw-r--r--security/racoon2/files/patch-ac11
-rw-r--r--security/racoon2/files/patch-ad13
-rw-r--r--security/racoon2/files/patch-configure122
-rw-r--r--security/racoon2/files/patch-crypto_openssl.c42
-rw-r--r--security/racoon2/files/racoon.sh42
-rw-r--r--security/racoon2/pkg-descr31
-rw-r--r--security/racoon2/pkg-plist14
11 files changed, 183 insertions, 200 deletions
diff --git a/security/racoon2/Makefile b/security/racoon2/Makefile
index a68efae0f18e..feffbb4a1432 100644
--- a/security/racoon2/Makefile
+++ b/security/racoon2/Makefile
@@ -1,51 +1,55 @@
-# New ports collection makefile for: racoon
-# Date created: 4 July 2000
+# New ports collection makefile for: racoon2
+# Date created: 4 Feb 2005
# Whom: sumikawa
#
# $FreeBSD$
#
-PORTNAME= racoon
-PORTVERSION= 20040818a
-PORTREVISION= 1
+PORTNAME= racoon2
+PORTVERSION= 20050128b
CATEGORIES= security net ipv6
-MASTER_SITES= ftp://ftp.kame.net/pub/kame/misc/
+MASTER_SITES= ftp://ftp.kame.net/pub/racoon2/
+EXTRACT_SUFX= .tgz
MAINTAINER= sumikawa@FreeBSD.org
-COMMENT= KAME racoon IKE daemon
-
-.if !exists(/usr/lib/libipsec.so.1) && !exists(/lib/libipsec.so.1)
-BROKEN= "You must upgrade the OS"
-.endif
+COMMENT= Racoon2 IPsec daemon
USE_RC_SUBR= YES
USE_OPENSSL= YES
-WRKSRC= ${WRKDIR}/${DISTNAME}/racoon
+USE_AUTOCONF_VER=259
+CONFIGURE_TARGET=
GNU_CONFIGURE= yes
-CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include CFLAGS=-I${LOCALBASE}/include
-LDFLAGS+= -L${LOCALBASE}/lib -L${WRKSRC}/../libipsec
-CONFIGURE_ARGS+=--enable-debug
-CONFIGURE_ARGS+=--enable-ipv6
CONFIGURE_ARGS+=--sysconfdir=${LOCALBASE}/etc
-CONFIGURE_ARGS+=--with-pkgversion=freebsd-${PORTVERSION}
-
-MAN5= racoon.conf.5
-MAN8= racoon.8
-RC_SCRIPTS_SUB= PREFIX=${PREFIX} \
- RC_SUBR=${RC_SUBR}
+.if !defined(NOPORTDOCS)
+PORTDOCS= INSTALL USAGE.iked USAGE.kinkd USAGE.spmd config-usage.ja.txt
+PORTDOCS+= draft-ietf-ipsec-ikev2-17.txt draft-ietf-kink-kink-06.txt
+PORTDOCS+= iked-memo.ja.txt kink-spec-supplement.ja.txt
+PORTDOCS+= kinkd-data-struct.obj kinkd-impl.ja.txt kinkd-install.ja.txt
+PORTDOCS+= kinkd-state-txn.obj libracoon.ja.txt specification.ja.txt
+PORTDOCS+= spmif.txt system-message.ja.txt
+.endif
pre-patch:
- ${MV} ${WRKSRC}/racoon.8 ${WRKSRC}/racoon.8.in
-
-pre-configure:
- (cd ${WRKSRC}/../libipsec; make)
+ (cd ${WRKSRC}/samples ;\
+ ${MV} racoon2.conf racoon2.conf.in ;\
+ ${MV} init.d-kinkd init.d-kinkd.in ;\
+ ${MV} init.d-spmd init.d-spmd.in ;\
+ ${MV} rc.d-kinkd rc.d-kinkd.in ;\
+ ${MV} rc.d-spmd rc.d-spmd.in )
post-install:
- @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
- ${FILESDIR}/racoon.sh > ${PREFIX}/etc/rc.d/racoon.sh
- @${CHMOD} +x ${PREFIX}/etc/rc.d/racoon.sh
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/COPYRIGHT ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/COPYRIGHT.jp ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README.iked ${DOCSDIR}
+.for FILE in ${PORTDOCS}
+ ${INSTALL_DATA} ${WRKSRC}/doc/${FILE} ${DOCSDIR}
+.endfor
+.endif
@if [ -z `/sbin/sysctl -a | ${GREP} -q ipsec && echo ipsec` ]; then \
${ECHO_MSG} "WARNING: IPsec feature is disabled on this host"; \
${ECHO_MSG} " You must build the kernel if you want to run racoon on the host"; \
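Review bot: The new `pre-patch` recipe joins `cd` and the five `${MV}` calls with `;`, so only the last `${MV}` decides the exit status of the subshell. If `cd ${WRKSRC}/samples` fails, the renames run in whatever directory the recipe started in, and a missing sample file is skipped silently; the error would presumably surface only later, when configure looks for the `.in` templates. Chaining with `&&` stops the target at the first failure: write `(cd ${WRKSRC}/samples && \` and end each following line with `&& \` instead of `;\`. The `post-install` recipe at the end of this hunk continues past the last visible line and is not covered by this note.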
diff --git a/security/racoon2/distinfo b/security/racoon2/distinfo
index 62ac81a89bd5..4e5615141c2d 100644
--- a/security/racoon2/distinfo
+++ b/security/racoon2/distinfo
@@ -1,2 +1,2 @@
-MD5 (racoon-20040818a.tar.gz) = c983587afc2772c11e4b81c3b4b9dfc4
-SIZE (racoon-20040818a.tar.gz) = 397275
+MD5 (racoon2-20050128b.tgz) = 9c2f6365926485d47d85388a9e586cb6
+SIZE (racoon2-20050128b.tgz) = 503119
diff --git a/security/racoon2/files/patch-aa b/security/racoon2/files/patch-aa
deleted file mode 100644
index b9e78afe4ac3..000000000000
--- a/security/racoon2/files/patch-aa
+++ /dev/null
@@ -1,20 +0,0 @@
---- ../libipsec/Makefile.orig Sun Jun 11 23:54:31 2000
-+++ ../libipsec/Makefile Tue Oct 17 01:06:10 2000
-@@ -25,12 +25,13 @@
- # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- # SUCH DAMAGE.
-
--.if exists(${.CURDIR}/../Makefile.opsys)
--.include "${.CURDIR}/../Makefile.opsys"
--.endif
-+#.if exists(${.CURDIR}/../Makefile.opsys)
-+#.include "${.CURDIR}/../Makefile.opsys"
-+#.endif
-+OPSYS!= uname -s
-
- LIB= ipsec
--CFLAGS+=-g
-+CFLAGS+=-g -I.
- .if (${OPSYS} != "NetBSD")
- CFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6
- .else
diff --git a/security/racoon2/files/patch-ab b/security/racoon2/files/patch-ab
deleted file mode 100644
index e5fb29c03f60..000000000000
--- a/security/racoon2/files/patch-ab
+++ /dev/null
@@ -1,22 +0,0 @@
---- Makefile.in.orig Fri Sep 27 07:04:59 2002
-+++ Makefile.in Thu Nov 21 22:28:50 2002
-@@ -7,7 +7,7 @@
- LDFLAGS=@LDFLAGS@
- CPPFLAGS= @CPPFLAGS@
- OPTFLAG=@OPTFLAG@
--CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -DSYSCONFDIR=\"${sysconfdir}\"
-+CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -DSYSCONFDIR=\"${sysconfdir}/racoon\"
- CFLAGS+=-DYY_NO_UNPUT
- CFLAGS+=-I${srcdir}/../libipsec
- LIBS= @LIBS@
-@@ -88,10 +88,6 @@
- $(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5
- -mkdir -p ${sysconfdir}/racoon
- for i in $(CONF); do \
-- if test ! -f ${sysconfdir}/racoon/$$i; then \
-- $(INSTALL) -o bin -g bin -m 444 samples/$$i \
-- ${sysconfdir}/racoon; \
-- fi; \
- $(INSTALL) -o bin -g bin -m 444 samples/$$i \
- ${sysconfdir}/racoon/$$i.dist; \
- done
diff --git a/security/racoon2/files/patch-ac b/security/racoon2/files/patch-ac
deleted file mode 100644
index ee9eba403dd1..000000000000
--- a/security/racoon2/files/patch-ac
+++ /dev/null
@@ -1,11 +0,0 @@
---- configure- Wed Jul 5 16:18:19 2000
-+++ configure Wed Jul 5 16:18:32 2000
-@@ -4021,7 +4021,7 @@
-
- cat >> $CONFIG_STATUS <<EOF
-
--CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf"}
-+CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf racoon.8"}
- EOF
- cat >> $CONFIG_STATUS <<\EOF
- for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
diff --git a/security/racoon2/files/patch-ad b/security/racoon2/files/patch-ad
deleted file mode 100644
index 8b8fb3b81fe0..000000000000
--- a/security/racoon2/files/patch-ad
+++ /dev/null
@@ -1,13 +0,0 @@
---- racoon.8.in.orig Tue Jul 4 21:27:59 2000
-+++ racoon.8.in Wed Jul 5 16:17:43 2000
-@@ -97,8 +97,8 @@
- .El
- .\"
- .Sh FILES
--.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact
--.It Pa /usr/local/v6/etc/racoon.conf
-+.Bl -tag -width @sysconfdir@/racoon/racoon.conf -compact
-+.It Pa @sysconfdir@/racoon/racoon.conf
- default configuration file.
- .It Pa /var/log/racoon.log
- default log file.
diff --git a/security/racoon2/files/patch-configure b/security/racoon2/files/patch-configure
new file mode 100644
index 000000000000..08d42370722a
--- /dev/null
+++ b/security/racoon2/files/patch-configure
@@ -0,0 +1,122 @@
+--- configure.in.orig Thu Jan 27 00:35:13 2005
++++ configure.in Tue Feb 1 17:51:25 2005
+@@ -43,7 +43,7 @@
+ dnl support before 1.5.
+ boot_mech_target=install-rc-d
+ ;;
+-freebsd[5-9].*)
++freebsd*)
+ boot_mech_target=install-rc-d
+ ;;
+ *)
+@@ -51,4 +51,5 @@
+ ;;
+ esac
+
+-AC_OUTPUT([Makefile samples/Makefile])
++AC_OUTPUT([Makefile samples/Makefile samples/racoon2.conf])
++AC_OUTPUT([samples/init.d-kinkd samples/init.d-spmd samples/rc.d-kinkd samples/rc.d-spmd])
+diff -ur samples-/init.d-kinkd.in samples/init.d-kinkd.in
+--- samples-/init.d-kinkd.in Tue Feb 1 17:18:58 2005
++++ samples/init.d-kinkd.in Tue Feb 1 17:18:01 2005
+@@ -3,8 +3,11 @@
+ # kinkd start up script
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ NAME=kinkd
+-DAEMON=/usr/local/racoon2/sbin/$NAME
++DAEMON=@sbindir@/$NAME
+ PIDFILE=/var/run/$NAME.pid
+
+ test -x $DAEMON || exit 0
+diff -ur samples-/init.d-spmd.in samples/init.d-spmd.in
+--- samples-/init.d-spmd.in Tue Feb 1 17:18:58 2005
++++ samples/init.d-spmd.in Tue Feb 1 17:18:01 2005
+@@ -1,7 +1,10 @@
+ #! /bin/sh
+
+-PATH=/usr/local/racoon2/sbin:/usr/local/racoon2/bin:$PATH
+-DAEMON=/usr/local/racoon2/sbin/spmd
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
++PATH=@sbindir@:@bindir@:$PATH
++DAEMON=@sbindir@/spmd
+ DAEMON_OPT=""
+ NAME="spmd"
+
+diff -ur samples-/rc.d-kinkd.in samples/rc.d-kinkd.in
+--- samples/Makefile.in.orig Wed Jan 26 07:43:52 2005
++++ samples/Makefile.in Tue Feb 1 17:54:30 2005
+@@ -17,8 +17,8 @@
+
+ install-rc-d:
+ $(INSTALL) -d $(sysconfdir)/rc.d
+- $(INSTALL) rc.d-kinkd $(sysconfdir)/rc.d/kinkd
+- $(INSTALL) rc.d-spmd $(sysconfdir)/rc.d/spmd
++ $(INSTALL) rc.d-kinkd $(sysconfdir)/rc.d/kinkd.sh
++ $(INSTALL) rc.d-spmd $(sysconfdir)/rc.d/spmd.sh
+
+ install-init-d:
+ $(INSTALL) -d $(sysconfdir)/init.d
+@@ -32,4 +32,4 @@
+ -rm -f *~
+
+ distclean: clean
+- -rm -f Makefile
++ -rm -f Makefile racoon2.conf init.d-kinkd init.d-spmd rc.d-kinkd rc.d-spmd
+--- samples/rc.d-spmd.in.orig Wed Jan 26 07:43:52 2005
++++ samples/rc.d-spmd.in Tue Feb 1 18:31:31 2005
+@@ -3,6 +3,9 @@
+ # spmd rc.d script for NetBSD
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ # PROVIDE: spmd
+ # REQUIRE: isdnd ppp
+ # BEFORE: SERVERS
+@@ -10,10 +13,10 @@
+ . /etc/rc.subr
+
+ name="spmd"
+-rcvar=$name
+-command="/usr/local/racoon2/sbin/${name}"
++rcvar=`set_rcvar`
++command="@sbindir@/${name}"
+ pidfile="/var/run/${name}.pid"
+-required_files="/usr/local/racoon2/etc/racoon2.conf"
++required_files="@sysconfdir@/racoon2.conf"
+ start_precmd="spmd_precmd"
+
+ spmd_precmd()
+--- samples/rc.d-kinkd.in.orig Tue Jan 11 02:00:29 2005
++++ samples/rc.d-kinkd.in Tue Feb 1 18:31:49 2005
+@@ -3,6 +3,9 @@
+ # kinkd rc.d script for NetBSD
+ #
+
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++
+ # PROVIDE: kink
+ # REQUIRE: isdnd kdc ppp
+ # BEFORE: SERVERS
+@@ -11,10 +14,10 @@
+ . /etc/rc.subr
+
+ name="kinkd"
+-rcvar=$name
+-command="/usr/local/racoon2/sbin/${name}"
++rcvar=`set_rcvar`
++command="@sbindir@/${name}"
+ pidfile="/var/run/${name}.pid"
+-required_files="/usr/local/racoon2/etc/racoon2.conf"
++required_files="@sysconfdir@/racoon2.conf"
+
+ load_rc_config $name
+ run_rc_command "$1"
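Review bot: The patched `configure.in` now ends with two `AC_OUTPUT` calls, while Autoconf documents the macro as one to call once, at the end of the file; with two calls config.status is presumably generated and run twice. Registering the extra templates first keeps a single call: `AC_CONFIG_FILES([samples/init.d-kinkd samples/init.d-spmd samples/rc.d-kinkd samples/rc.d-spmd])` followed by `AC_OUTPUT([Makefile samples/Makefile samples/racoon2.conf])`. Separately, the embedded `diff -ur samples-/rc.d-kinkd.in samples/rc.d-kinkd.in` line is followed by the `samples/Makefile.in` header rather than a hunk of its own; it looks like a leftover and could be dropped so the patch file reads cleanly.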
diff --git a/security/racoon2/files/patch-crypto_openssl.c b/security/racoon2/files/patch-crypto_openssl.c
deleted file mode 100644
index 3f243d19c8e2..000000000000
--- a/security/racoon2/files/patch-crypto_openssl.c
+++ /dev/null
@@ -1,42 +0,0 @@
---- crypto_openssl.old.c 2004-04-09 22:25:56.000000000 +0530
-+++ crypto_openssl.c 2004-08-02 20:30:03.000000000 +0530
-@@ -1654,6 +1654,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA512_DIGEST_LENGTH != res->l) {
-@@ -1710,6 +1711,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA384_DIGEST_LENGTH != res->l) {
-@@ -1766,6 +1768,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA256_DIGEST_LENGTH != res->l) {
-@@ -1823,6 +1826,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (SHA_DIGEST_LENGTH != res->l) {
-@@ -1879,6 +1883,7 @@
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
-+ HMAC_cleanup((HMAC_CTX *)c);
- (void)racoon_free(c);
-
- if (MD5_DIGEST_LENGTH != res->l) {
diff --git a/security/racoon2/files/racoon.sh b/security/racoon2/files/racoon.sh
deleted file mode 100644
index ecde585dad87..000000000000
--- a/security/racoon2/files/racoon.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-# Start or stop racoon
-# $FreeBSD$
-
-# PROVIDE: racoon
-# REQUIRE: DAEMON
-# BEFORE: LOGIN
-# KEYWORD: FreeBSD shutdown
-#
-# NOTE for FreeBSD 5.0+:
-# If you want this script to start with the base rc scripts
-# move racoon.sh to /etc/rc.d/racoon
-
-prefix=%%PREFIX%%
-
-# Define these racoon_* variables in one of these files:
-# /etc/rc.conf
-# /etc/rc.conf.local
-# /etc/rc.conf.d/racoon
-#
-# DO NOT CHANGE THESE DEFAULT VALUES HERE
-#
-[ -z "$racoon_enable" ] && racoon_enable="YES" # Enable racoon
-#racoon_program="${prefix}/sbin/racoon" # Location of racoon
-#racoon_flags="" # Flags to racoon program
-
-. %%RC_SUBR%%
-
-name="racoon"
-rcvar=`set_rcvar`
-command="${prefix}/sbin/racoon"
-pidfile="/var/run/racoon.pid"
-required_files="${prefix}/etc/racoon/racoon.conf"
-stop_postcmd="racoon_poststop"
-
-racoon_poststop() {
- /bin/rm -f ${pidfile}
-}
-
-load_rc_config $name
-run_rc_command "$1"
diff --git a/security/racoon2/pkg-descr b/security/racoon2/pkg-descr
index 9470793d9b4b..f646f1b2b11f 100644
--- a/security/racoon2/pkg-descr
+++ b/security/racoon2/pkg-descr
@@ -1,18 +1,21 @@
-racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
-establish security association with other hosts.
+"racoon2" is a system to exchange and to install security parameters
+for the IPsec.
-Known issues:
-- Too many use of dynamic memory allocation, which leads to memory leak.
-- Non-threaded implementation. Simultaneous key negotiation performance
- should be improved.
-- Cannot negotiate keys for per-socket policy.
-- Cryptic configuration syntax - blame IPsec specification too...
-- Needs more documentation.
+Currently the system supports the following specification:
-Design choice, not a bug:
-- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must
- be configured into the kernel separately from racoon. If you want to
- support roaming clients, you may need to have a mechanism to put policy
- for the roaming client after phase 1 finishes.
+ Internet Key Exchange (IKEv2) Protocol
+ draft-ietf-ipsec-ikev2-17.txt
+ (The IKE daemon is not included in the current release due to IPR issue)
+
+ Kerberized Internet Negotiation of Keys (KINK)
+ draft-ietf-kink-kink-06.txt
+
+ PF_KEY Key Management API, Version 2
+ RFC2367
+
+The following protocols will be supported soon.
+
+ The Internet Key Exchange (IKE)
+ RFC2409
WWW: http://www.kame.net/
diff --git a/security/racoon2/pkg-plist b/security/racoon2/pkg-plist
index d9c289662081..1eb5c981d552 100644
--- a/security/racoon2/pkg-plist
+++ b/security/racoon2/pkg-plist
@@ -1,5 +1,9 @@
-sbin/racoon
-etc/racoon/psk.txt.dist
-etc/racoon/racoon.conf.dist
-etc/rc.d/racoon.sh
-@unexec rmdir %D/etc/racoon 2>/dev/null || true
+sbin/spmd
+sbin/kinkd
+etc/racoon2.conf.sample
+etc/rc.d/spmd.sh
+etc/rc.d/kinkd.sh
+%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT
+%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT.jp
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.iked