- Update to 5.0.1

- Change maintainer address
- Trim Makefile header
- Convert to new options framework
- Cleanup

PR:		ports/173860 (based on)
Submitted by:	Riaan Kruger (maintainer)

5 files changed, 106 insertions, 84 deletions

diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile
index 6e28fdc7a830..32a35f845546 100644
--- a/security/strongswan/Makefile
+++ b/security/strongswan/Makefile
@@ -1,29 +1,22 @@
-# New ports collection makefile for:	strongswan
-# Date created:				30 May 2010
-# Whom:					<riaank@gmail.com>
-#
+# Created by: Riaan Kruger <riaank@gmail.com>
 # $FreeBSD$
 
 PORTNAME=	strongswan
-PORTVERSION=	4.5.3
+PORTVERSION=	5.0.1
 CATEGORIES=	security
 MASTER_SITES=	http://download.strongswan.org/ \
 		http://download2.strongswan.org/
 
-MAINTAINER=	riaank@gmail.com
+MAINTAINER=	strongswan@nanoteq.com
 COMMENT=	Open Source IKEv2 IPsec-based VPN solution
 
-OPTIONS=	SQLITE		"Enable SQLite" off \
-		MYSQL		"Enable MySQL" off \
-		CURL		"Enable CURL to fetch CRL/OCSP" off \
-		EAPAKA3GPP2	"Enable EAP AKA with 3gpp2 backend" off \
-		EAPSIMFILE	"Enable EAP SIM with filebased backend" off
+LIB_DEPENDS=	execinfo:${PORTSDIR}/devel/libexecinfo
 
-USE_RC_SUBR=	strongswan
 USE_BZIP2=	yes
+USE_OPENSSL=	yes
 USE_AUTOTOOLS=	libtool
+USE_RC_SUBR=	strongswan.sh
 GNU_CONFIGURE=	yes
-USE_OPENSSL=	yes
 USE_LDCONFIG=	yes
 
 CONFIGURE_ARGS=	--enable-kernel-pfkey \
@@ -31,13 +24,14 @@ CONFIGURE_ARGS=	--enable-kernel-pfkey \
 		--disable-kernel-netlink  \
 		--disable-tools  \
 		--disable-scripts  \
-		--disable-pluto  \
 		--disable-gmp \
 		--enable-openssl \
 		--enable-eap-identity \
 		--enable-eap-md5 \
 		--enable-eap-tls \
 		--enable-eap-mschapv2 \
+		--enable-eap-peap \
+		--enable-eap-ttls \
 		--enable-md4 \
 		--enable-blowfish \
 		--enable-addrblock \
@@ -46,37 +40,63 @@ CONFIGURE_ARGS=	--enable-kernel-pfkey \
 		--with-lib-prefix=${PREFIX}
 
 # Man pages with default install
-MAN3=	anyaddr.3 atoaddr.3 atoasr.3 atoul.3 goodmask.3 initaddr.3 \
-	initsubnet.3 portof.3 rangetosubnet.3 sameaddr.3 subnetof.3 \
-	ttoaddr.3 ttodata.3 ttosa.3 ttoul.3
 MAN5=	ipsec.conf.5 ipsec.secrets.5 strongswan.conf.5
 MAN8=	ipsec.8 _updown.8 _updown_espmark.8
 
-.include <bsd.port.pre.mk>
+OPTIONS_DEFINE=	CURL EAPAKA3GPP2 EAPSIMFILE IKEv1 LDAP MYSQL SQLITE
+CURL_DESC=	Enable CURL to fetch CRL/OCSP
+EAPAKA3GPP2_DESC=	Enable EAP AKA with 3gpp2 backend
+EAPSIMFILE_DESC=	Enable EAP SIM with file backend
+IKEv1_DESC=	Enable IKEv1 support (Experimental)
 
-# Requires FreeBSD 8 and above to work
-.if ${OSVERSION} < 800000
-IGNORE=		requires at least FreeBSD 8.X
-.endif
+.include <bsd.port.options.mk>
 
 # Extra options
-.if defined(WITH_SQLITE) || defined (WITH_MYSQL)
-CONFIGURE_ARGS+=	--enable-attr-sql
-CONFIGURE_ARGS+=	--enable-sql
-PLIST_SUB+=	SQL=""
+.if ${PORT_OPTIONS:MCURL}
+CONFIGURE_ARGS+=	--enable-curl
+LIB_DEPENDS+=	curl:${PORTSDIR}/ftp/curl
+PLIST_SUB+=	CURL=""
 .else
-PLIST_SUB+=	SQL="@comment "
+PLIST_SUB+=	CURL="@comment "
 .endif
 
-.if defined(WITH_SQLITE)
-CONFIGURE_ARGS+=	--enable-sqlite
-LIB_DEPENDS += sqlite3.8:${PORTSDIR}/databases/sqlite3
-PLIST_SUB+=	SQLITE=""
+.if ${PORT_OPTIONS:MEAPSIMFILE}
+CONFIGURE_ARGS+=	--enable-eap-sim --enable-eap-sim-file
+PLIST_SUB+=	EAPSIMFILE=""
 .else
-PLIST_SUB+=	SQLITE="@comment "
+PLIST_SUB+=	EAPSIMFILE="@comment "
+.endif
+
+.if ${PORT_OPTIONS:MEAPAKA3GPP2}
+CONFIGURE_ARGS+=	--enable-eap-aka --enable-eap-aka-3gpp2
+LIB_DEPENDS+=	gmp:${PORTSDIR}/math/gmp
+PLIST_SUB+=	EAPAKA3GPP2=""
+.else
+PLIST_SUB+=	EAPAKA3GPP2="@comment "
+.endif
+
+.if ${PORT_OPTIONS:MEAPSIMFILE} || ${PORT_OPTIONS:MEAPAKA3GPP2}
+PLIST_SUB+=SIMAKA=""
+.else
+PLIST_SUB+=SIMAKA="@comment "
 .endif
 
-.if defined(WITH_MYSQL)
+.if ${PORT_OPTIONS:MIKEv1}
+PLIST_SUB+=	IKEv1=""
+.else
+CONFIGURE_ARGS+=	--disable-ikev1
+PLIST_SUB+=	IKEv1="@comment "
+.endif
+
+.if ${PORT_OPTIONS:MLDAP}
+USE_OPENLDAP=	yes
+CONFIGURE_ARGS+=	--enable-ldap
+PLIST_SUB+=	LDAP=""
+.else
+PLIST_SUB+=	LDAP="@comment "
+.endif
+
+.if ${PORT_OPTIONS:MMYSQL}
 CONFIGURE_ARGS+=	--enable-mysql
 USE_MYSQL=	yes
 PLIST_SUB+=	MYSQL=""
@@ -84,30 +104,26 @@ PLIST_SUB+=	MYSQL=""
 PLIST_SUB+=	MYSQL="@comment "
 .endif
 
-.if defined(WITH_CURL)
-CONFIGURE_ARGS+=	--enable-curl
-LIB_DEPENDS+=	curl.6:${PORTSDIR}/ftp/curl
-PLIST_SUB+=	CURL=""
+.if ${PORT_OPTIONS:MSQLITE}
+CONFIGURE_ARGS+=	--enable-sqlite
+LIB_DEPENDS+=	sqlite3:${PORTSDIR}/databases/sqlite3
+PLIST_SUB+=	SQLITE=""
 .else
-PLIST_SUB+=	CURL="@comment "
+PLIST_SUB+=	SQLITE="@comment "
 .endif
 
-.if defined(WITH_EAPSIMFILE)
-CONFIGURE_ARGS+=	--enable-eap-sim
-CONFIGURE_ARGS+=	--enable-eap-sim-file
-PLIST_SUB+=	EAPSIMFILE=""
+.if ${PORT_OPTIONS:MMYSQL} || ${PORT_OPTIONS:MSQLITE}
+CONFIGURE_ARGS+=	--enable-attr-sql --enable-sql
+PLIST_SUB+=	SQL=""
 .else
-PLIST_SUB+=	EAPSIMFILE="@comment "
+PLIST_SUB+=	SQL="@comment "
 .endif
 
-.if defined(WITH_EAPAKA3GPP2)
-CONFIGURE_ARGS+=	--enable-eap-aka
-CONFIGURE_ARGS+=	--enable-eap-aka-3gpp2
-CONFIGURE_ARGS+=	--enable-gmp
-LIB_DEPENDS+=	gmp.10:${PORTSDIR}/math/gmp
-PLIST_SUB+=	EAPAKA3GPP2=""
-.else
-PLIST_SUB+=	EAPAKA3GPP2="@comment "
+.include <bsd.port.pre.mk>
+
+# Requires FreeBSD 8 and above to work
+.if ${OSVERSION} < 800000
+IGNORE=		requires at least FreeBSD 8.X
 .endif
 
 .include <bsd.port.post.mk>
diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo
index 6dfa1da75c9d..05d53887153a 100644
--- a/security/strongswan/distinfo
+++ b/security/strongswan/distinfo
@@ -1,2 +1,2 @@
-SHA256 (strongswan-4.5.3.tar.bz2) = a59fa0d9820fb06a3c848f4537b9256d2067265ad10e1b007b79f3b16279f1ff
-SIZE (strongswan-4.5.3.tar.bz2) = 3299522
+SHA256 (strongswan-5.0.1.tar.bz2) = 1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4
+SIZE (strongswan-5.0.1.tar.bz2) = 3146776
diff --git a/security/strongswan/files/patch-src__ipsec__ipsec.in b/security/strongswan/files/patch-src__ipsec__ipsec.in
deleted file mode 100644
index eb1118ba85b1..000000000000
--- a/security/strongswan/files/patch-src__ipsec__ipsec.in
+++ /dev/null
@@ -1,20 +0,0 @@
-diff -ur srcold/ipsec/ipsec.in src/ipsec/ipsec.in
---- srcold/ipsec/ipsec.in	2011-09-22 08:39:26.589952124 +0200
-+++ src/ipsec/ipsec.in	2011-09-22 08:39:44.640945476 +0200
-@@ -19,6 +19,7 @@
- export PATH
- 
- # name and version of the ipsec implementation
-+OS_NAME=`uname -s`
- IPSEC_NAME="@IPSEC_NAME@"
- IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
- 
-@@ -378,7 +379,7 @@
- 	fi
- 	;;
- version|--version)
--	printf "Linux $IPSEC_NAME $IPSEC_VERSION\n"
-+	printf "$OS_NAME $IPSEC_NAME $IPSEC_VERSION\n"
- 	printf "$IPSEC_DISTRO\n"
- 	printf "See 'ipsec --copyright' for copyright information.\n"
- 	exit 0
diff --git a/security/strongswan/files/strongswan.in b/security/strongswan/files/strongswan.sh.in
index 8f6bb47ce4aa..75544f4b67aa 100644
--- a/security/strongswan/files/strongswan.in
+++ b/security/strongswan/files/strongswan.sh.in
@@ -1,23 +1,17 @@
 #!/bin/sh
-
+# Start or stop strongswan
 # $FreeBSD$
 
 # PROVIDE: strongswan
-# REQUIRE: LOGIN
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
 # KEYWORD: shutdown
 
-# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
-# to enable this service:
-#
-# strongswan_enable (bool):   Set to NO by default.
-#               Set it to YES to enable strongswan.
-
+command="%%PREFIX%%/sbin/ipsec"
 . /etc/rc.subr
 
 name="strongswan"
-rcvar=strongswan_enable
-
-command="%%PREFIX%%/sbin/ipsec"
+rcvar=`set_rcvar`
 extra_commands="reload statusall"
 
 load_rc_config $name
@@ -29,9 +23,11 @@ status_cmd="strongswan_command status"
 reload_cmd="strongswan_command reload"
 statusall_cmd="strongswan_command statusall"
 
+
 strongswan_command()
 {
 	$command ${rc_arg}
 }
 
 run_rc_command "$1"
+
diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist
index 036e76d4b621..645d4737a74c 100644
--- a/security/strongswan/pkg-plist
+++ b/security/strongswan/pkg-plist
@@ -12,6 +12,10 @@ lib/ipsec/libstrongswan.a
 lib/ipsec/libstrongswan.la
 lib/ipsec/libstrongswan.so
 lib/ipsec/libstrongswan.so.0
+lib/ipsec/libtls.a
+lib/ipsec/libtls.la
+lib/ipsec/libtls.so
+lib/ipsec/libtls.so.0
 lib/ipsec/plugins/libstrongswan-addrblock.a
 lib/ipsec/plugins/libstrongswan-addrblock.la
 lib/ipsec/plugins/libstrongswan-addrblock.so
@@ -24,6 +28,9 @@ lib/ipsec/plugins/libstrongswan-attr.so
 lib/ipsec/plugins/libstrongswan-blowfish.a
 lib/ipsec/plugins/libstrongswan-blowfish.la
 lib/ipsec/plugins/libstrongswan-blowfish.so
+lib/ipsec/plugins/libstrongswan-cmac.a
+lib/ipsec/plugins/libstrongswan-cmac.la
+lib/ipsec/plugins/libstrongswan-cmac.so
 lib/ipsec/plugins/libstrongswan-constraints.a
 lib/ipsec/plugins/libstrongswan-constraints.la
 lib/ipsec/plugins/libstrongswan-constraints.so
@@ -42,9 +49,15 @@ lib/ipsec/plugins/libstrongswan-eap-md5.so
 lib/ipsec/plugins/libstrongswan-eap-mschapv2.a
 lib/ipsec/plugins/libstrongswan-eap-mschapv2.la
 lib/ipsec/plugins/libstrongswan-eap-mschapv2.so
+lib/ipsec/plugins/libstrongswan-eap-peap.a
+lib/ipsec/plugins/libstrongswan-eap-peap.la
+lib/ipsec/plugins/libstrongswan-eap-peap.so
 lib/ipsec/plugins/libstrongswan-eap-tls.a
 lib/ipsec/plugins/libstrongswan-eap-tls.la
 lib/ipsec/plugins/libstrongswan-eap-tls.so
+lib/ipsec/plugins/libstrongswan-eap-ttls.a
+lib/ipsec/plugins/libstrongswan-eap-ttls.la
+lib/ipsec/plugins/libstrongswan-eap-ttls.so
 lib/ipsec/plugins/libstrongswan-fips-prf.a
 lib/ipsec/plugins/libstrongswan-fips-prf.la
 lib/ipsec/plugins/libstrongswan-fips-prf.so
@@ -63,6 +76,9 @@ lib/ipsec/plugins/libstrongswan-md4.so
 lib/ipsec/plugins/libstrongswan-md5.a
 lib/ipsec/plugins/libstrongswan-md5.la
 lib/ipsec/plugins/libstrongswan-md5.so
+lib/ipsec/plugins/libstrongswan-nonce.a
+lib/ipsec/plugins/libstrongswan-nonce.la
+lib/ipsec/plugins/libstrongswan-nonce.so
 lib/ipsec/plugins/libstrongswan-openssl.a
 lib/ipsec/plugins/libstrongswan-openssl.la
 lib/ipsec/plugins/libstrongswan-openssl.so
@@ -75,6 +91,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so
 lib/ipsec/plugins/libstrongswan-pkcs1.a
 lib/ipsec/plugins/libstrongswan-pkcs1.la
 lib/ipsec/plugins/libstrongswan-pkcs1.so
+lib/ipsec/plugins/libstrongswan-pkcs8.a
+lib/ipsec/plugins/libstrongswan-pkcs8.la
+lib/ipsec/plugins/libstrongswan-pkcs8.so
 lib/ipsec/plugins/libstrongswan-pubkey.a
 lib/ipsec/plugins/libstrongswan-pubkey.la
 lib/ipsec/plugins/libstrongswan-pubkey.so
@@ -119,6 +138,10 @@ libexec/ipsec/starter
 libexec/ipsec/stroke
 libexec/ipsec/whitelist
 sbin/ipsec
+%%SIMAKA%%lib/ipsec/libsimaka.a
+%%SIMAKA%%lib/ipsec/libsimaka.la
+%%SIMAKA%%lib/ipsec/libsimaka.so
+%%SIMAKA%%lib/ipsec/libsimaka.so.0
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-eap-aka.a
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-eap-aka.la
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-eap-aka.so
@@ -137,6 +160,12 @@ sbin/ipsec
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.a
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.la
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.so
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.a
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.la
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.so
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.a
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.la
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.so
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.a
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.la
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.so
@@ -162,6 +191,7 @@ sbin/ipsec
 @dirrm etc/ipsec.d/acerts
 @dirrm etc/ipsec.d/aacerts
 @dirrm etc/ipsec.d
+@exec mkdir -p %D/etc/ipsec.d
 @exec mkdir -p %D/etc/ipsec.d/reqs
 @exec mkdir -p %D/etc/ipsec.d/private
 @exec mkdir -p %D/etc/ipsec.d/ocspcerts