Upgrade to 20061228a. IKEv1 has been supported.

author: sumikawa <sumikawa@FreeBSD.org> 2006-12-30 19:46:48 +0800
committer: sumikawa <sumikawa@FreeBSD.org> 2006-12-30 19:46:48 +0800
commit: bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14 (patch)
tree: 3c70bcd15e61b75a6088a37703147245822947c5 /security
parent: 5f8974ac502ba2bf0fb94cc2c1859966b591f965 (diff)
download: freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.tar.gz
freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.tar.zst
freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.zip
8 files changed, 5 insertions, 269 deletions
diff --git a/security/racoon2/Makefile b/security/racoon2/Makefile
index 8f698b767d5b..d2a5bd78956c 100644
--- a/security/racoon2/Makefile
+++ b/security/racoon2/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	racoon2
-PORTVERSION=	20060712a
+PORTVERSION=	20061228a
 CATEGORIES=	security net ipv6
 MASTER_SITES=	ftp://ftp.racoon2.wide.ad.jp/pub/racoon2/
 EXTRACT_SUFX=	.tgz
diff --git a/security/racoon2/distinfo b/security/racoon2/distinfo
index 6c2f9f52683e..70cc53135dd7 100644
--- a/security/racoon2/distinfo
+++ b/security/racoon2/distinfo
@@ -1,3 +1,3 @@
-MD5 (racoon2-20060712a.tgz) = 50f9d66a136d80b7f07f67566f4da74d
-SHA256 (racoon2-20060712a.tgz) = 5635f825fe59da02a76b8e38b4ac8a99fd5b0b856c5c3ca953b99d004014bc35
-SIZE (racoon2-20060712a.tgz) = 714616
+MD5 (racoon2-20061228a.tgz) = 7e22560ed658171da0ee9952c981b9e5
+SHA256 (racoon2-20061228a.tgz) = 2339a4b85591f2d74f0f51de5b56b13a3c3a8686054c8bc152c951cc9827cb3e
+SIZE (racoon2-20061228a.tgz) = 961651
diff --git a/security/racoon2/files/patch-iked-ikev2.c b/security/racoon2/files/patch-iked-ikev2.c
deleted file mode 100644
index ae87b8660990..000000000000
--- a/security/racoon2/files/patch-iked-ikev2.c
+++ /dev/null
@@ -1,59 +0,0 @@
---- iked/ikev2.c.orig	Thu Jul  6 05:41:11 2006
-+++ iked/ikev2.c	Wed Sep 20 15:24:24 2006
-@@ -556,7 +556,7 @@
- 	       ike_sa, packet, (int)packet->l));
- 	if (packet->l > IKEV2_SHOULD_SUPPORT_PACKET_SIZE) {
- 		INFO((PLOGLOC,
--		      "packet size (%d) larger than recommended implementation minimum (%d)\n",
-+		      "packet size (%zu) larger than recommended implementation minimum (%d)\n",
- 		      packet->l, IKEV2_SHOULD_SUPPORT_PACKET_SIZE));
- 	}
- 
-@@ -1340,9 +1340,9 @@
- 	}
- 	dhlen = get_payload_length(&ke->header) - sizeof(struct ikev2payl_ke);
- 	if (dhlen != dh_value_len((struct dhgroup *)negotiated_sa->dhdef->definition)) {
--		TRACE((PLOGLOC, "KE data length %d, should be %lu\n",
-+		TRACE((PLOGLOC, "KE data length %d, should be %zu\n",
- 		       dhlen,
--		       (unsigned long)dh_value_len((struct dhgroup *)negotiated_sa->dhdef->definition)));
-+		       dh_value_len((struct dhgroup *)negotiated_sa->dhdef->definition)));
- 		/* send INVALID_SYNTAX ??? */
- 		goto malformed_payload;
- 	}
-@@ -3175,9 +3175,9 @@
- 			/* send repsonse INVALID_SYNTAX */
- 			isakmp_log(ike_sa, local, remote, msg,
- 				   PLOG_INTERR, PLOGLOC,
--				   "invalid KE payload (data length %u != %lu)\n",
-+				   "invalid KE payload (data length %u != %zu)\n",
- 				   dhlen,
--				   (unsigned long)dh_value_len((struct dhgroup *)dhdef->definition));
-+				   dh_value_len((struct dhgroup *)dhdef->definition));
- 			goto respond_invalid_syntax;
- 		}
- 
-@@ -3606,10 +3606,9 @@
- 		if (dhlen != dh_value_len((struct dhgroup *)dhdef->definition)) {
- 			isakmp_log(ike_sa, local, remote, msg,
- 				   PLOG_INTERR, PLOGLOC,
--				   "invalid KE payload (data length %u != %lu)\n",
-+				   "invalid KE payload (data length %u != %zu)\n",
- 				   dhlen,
--				   (unsigned long)dh_value_len((struct dhgroup *)dhdef->
--						definition));
-+				   dh_value_len((struct dhgroup *)dhdef->definition));
- 			++isakmpstat.malformed_payload;
- 			goto abort;
- 		}
-@@ -5146,8 +5145,8 @@
- 		/* shouldn't happen */
- 		isakmp_log(sa, 0, 0, 0,
- 			   PLOG_PROTOERR, PLOGLOC,
--			   "requrired key length %lu exceeds 255 times the output of PRF %lu\n",
--			   (u_long)need_len, (u_long)prf_output_len);
-+			   "requrired key length %zd exceeds 255 times the output of PRF %zu\n",
-+			   need_len, prf_output_len);
- 		return 0;
- 	}
- 
diff --git a/security/racoon2/files/patch-iked-ikev2_payload.c b/security/racoon2/files/patch-iked-ikev2_payload.c
deleted file mode 100644
index 1d91b6867cdc..000000000000
--- a/security/racoon2/files/patch-iked-ikev2_payload.c
+++ /dev/null
@@ -1,107 +0,0 @@
---- iked/ikev2_payload.c.orig	Thu Jul  6 06:36:39 2006
-+++ iked/ikev2_payload.c	Wed Sep 20 15:24:24 2006
-@@ -106,14 +106,14 @@
- 	bytes = packet->l;
- 	if (bytes < sizeof(struct ikev2_header)) {
- 		TRACE((PLOGLOC,
--		       "packet length %d is shorter than ikev2 header\n",
-+		       "packet length %zu is shorter than ikev2 header\n",
- 		       bytes));
- 		return -1;
- 	}
- 	if (bytes != get_uint32(&hdr->length)) {
- 		/* actually, shouldn't happen since already checked in isakmp.c */
- 		TRACE((PLOGLOC,
--		       "packet length does not match with length field of ikev2 header (%d != %d)\n",
-+		       "packet length does not match with length field of ikev2 header (%zu != %u)\n",
- 		       bytes, get_uint32(&hdr->length)));
- 		return -1;
- 	}
-@@ -125,7 +125,7 @@
- 	     POINT_NEXT_PAYLOAD(p, type)) {
- 		if (bytes < sizeof(struct ikev2_payload_header)) {
- 			TRACE((PLOGLOC,
--			       "offset 0x%x: packet remaining (%d) can't hold payload header\n",
-+			       "offset 0x%x: packet remaining (%zu) can't hold payload header\n",
- 			       packet->l - bytes, bytes));
- 			return -1;
- 		}
-@@ -135,7 +135,7 @@
- 		       payload_length));
- 		if (bytes < payload_length) {
- 			TRACE((PLOGLOC,
--			       "payload length (%d) longer than packet remaining (%d)\n",
-+			       "payload length (%d) longer than packet remaining (%zu)\n",
- 			       payload_length, bytes));
- 			return -1;
- 		}
-@@ -148,7 +148,7 @@
- 		if (IKEV2_PAYLOAD_TYPE_DEFINED(type) &&
- 		    payload_length < IKEV2_PAYLOAD_TYPES(type).minimum_length) {
- 			TRACE((PLOGLOC,
--			       "payload length (%d) is shorter than minimum (%d)\n",
-+			       "payload length (%d) is shorter than minimum (%zu)\n",
- 			       payload_length,
- 			       IKEV2_PAYLOAD_TYPES(type).minimum_length));
- 			return -1;
-@@ -174,7 +174,7 @@
- 				if (payload_length <
- 				    sizeof(struct ikev2payl_notify) + n->nh.spi_size) {
- 					TRACE((PLOGLOC,
--					       "payload length (%d) is shorter than expected (%d)\n",
-+					       "payload length (%d) is shorter than expected (%zu)\n",
- 					       payload_length,
- 					       sizeof(struct ikev2payl_notify) +
- 					       n->nh.spi_size));
-@@ -190,7 +190,7 @@
- 				    sizeof(struct ikev2payl_delete) +
- 				    d->dh.spi_size * get_uint16(&d->dh.num_spi)) {
- 					TRACE((PLOGLOC,
--					       "payload length (%d) is shorter than expected (%d)\n",
-+					       "payload length (%d) is shorter than expected (%zu)\n",
- 					       payload_length,
- 					       sizeof(struct ikev2payl_delete) +
- 					       d->dh.spi_size * get_uint16(&d->dh.num_spi)));
-@@ -308,7 +308,7 @@
- 	TRACE((PLOGLOC, "TS payload len %d num_ts %d\n",
- 	       get_payload_length(payload), ts_payload->tsh.num_ts));
- 	if (get_payload_length(ts_payload) < sizeof(struct ikev2payl_traffic_selector)) {
--		TRACE((PLOGLOC, "short TS payload (%d < %d)\n",
-+		TRACE((PLOGLOC, "short TS payload (%u < %zu)\n",
- 		       get_payload_length(ts_payload),
- 		       sizeof(struct ikev2payl_traffic_selector)));
- 		return -1;
-@@ -321,7 +321,7 @@
- 	for (i = 0; i < ts_payload->tsh.num_ts; ++i) {
- 		if (ts_bytes < sizeof(struct ikev2_traffic_selector)) {
- 			TRACE((PLOGLOC,
--			       "TS overflows payload length (%d < %d)\n",
-+			       "TS overflows payload length (%zu < %zu)\n",
- 			       ts_bytes,
- 			       sizeof(struct ikev2_traffic_selector)));
- 			return -1;	/* short payload */
-@@ -338,13 +338,13 @@
- 		 * assert sizeof(...)+2*addrsize <= ts_len <= ts_bytes
- 		 */
- 		if (ts_len < sizeof(struct ikev2_traffic_selector) + 2 * addrsize) {	/* ??? */
--			TRACE((PLOGLOC, "short traffic selector (%d < %d)\n",
-+			TRACE((PLOGLOC, "short traffic selector (%u < %zu)\n",
- 			       ts_len,
- 			       sizeof(struct ikev2_traffic_selector) + 2 * addrsize));
- 			return -1;
- 		}
- 		if (ts_bytes < ts_len) {
--			TRACE((PLOGLOC, "TS overflows payload boundary (%d < %d)\n",
-+			TRACE((PLOGLOC, "TS overflows payload boundary (%zu < %u)\n",
- 			       ts_bytes, ts_len));
- 			return -1;	/* short payload */
- 		}
-@@ -396,7 +396,7 @@
- 	if (get_payload_data_length(p) < icv_len) {
- 		isakmp_log(ike_sa, 0, 0, 0,
- 			   PLOG_PROTOERR, PLOGLOC,
--			   "payload content length (%d) shorter than expected ICV length (%d)\n",
-+			   "payload content length (%zd) shorter than expected ICV length (%zu)\n",
- 			   get_payload_data_length(p), icv_len);
- 		goto fail;	/* malformed */
- 	}
diff --git a/security/racoon2/files/patch-lib-if_spmd.c b/security/racoon2/files/patch-lib-if_spmd.c
deleted file mode 100644
index bb98f6683ee9..000000000000
--- a/security/racoon2/files/patch-lib-if_spmd.c
+++ /dev/null
@@ -1,18 +0,0 @@
---- lib/if_spmd.c.orig	Wed Nov 16 09:34:30 2005
-+++ lib/if_spmd.c	Mon Aug 21 14:49:19 2006
-@@ -1,4 +1,4 @@
--/* $Id: if_spmd.c,v 1.23 2005/11/16 00:34:30 kamada Exp $ */
-+/* $Id: if_spmd.c,v 1.24 2006/07/25 10:48:45 fukumoto Exp $ */
- /*
-  * Copyright (C) 2003, 2004 WIDE Project.
-  * All rights reserved.
-@@ -940,7 +940,8 @@
- {
- 	unsigned char md[EVP_MAX_MD_SIZE];
- 	EVP_MD_CTX ctx;
--	size_t hash_len, md_len;
-+	size_t hash_len;
-+	unsigned int md_len;
- 	int error, used, i;
- 	char *p;
- 
diff --git a/security/racoon2/files/patch-pskgen-Makefile.in b/security/racoon2/files/patch-pskgen-Makefile.in
deleted file mode 100644
index 8d5beb595351..000000000000
--- a/security/racoon2/files/patch-pskgen-Makefile.in
+++ /dev/null
@@ -1,11 +0,0 @@
---- pskgen/Makefile.in.orig	Tue Nov  8 05:53:51 2005
-+++ pskgen/Makefile.in	Sat Jul 15 17:48:57 2006
-@@ -18,7 +18,7 @@
- 
- install: all
- 	$(INSTALL) -d $(sbindir)
--	$(INSTALL_PROGRAM) $(PROG) $(sbindir)
-+	$(INSTALL_SCRIPT) $(PROG) $(sbindir)
- 	$(INSTALL_DATA) $(PROG).8 $(mandir)/man8
- 
- depend:
diff --git a/security/racoon2/files/patch-spmd-shell.c b/security/racoon2/files/patch-spmd-shell.c
deleted file mode 100644
index 823c4983e8e6..000000000000
--- a/security/racoon2/files/patch-spmd-shell.c
+++ /dev/null
@@ -1,67 +0,0 @@
---- spmd/shell.c.orig	Sat Jun 17 19:46:58 2006
-+++ spmd/shell.c	Wed Sep 20 15:24:27 2006
-@@ -1,4 +1,4 @@
--/* $Id: shell.c,v 1.105 2006/06/18 02:46:58 sinoue Exp $ */ 
-+/* $Id: shell.c,v 1.108 2006/07/25 10:57:54 fukumoto Exp $ */ 
- /*
-  * Copyright (C) 2003 WIDE Project.
-  * All rights reserved.
-@@ -653,7 +653,7 @@
- 	const EVP_MD *m;
- 	EVP_MD_CTX ctx;
- 	unsigned char digest[EVP_MAX_MD_SIZE];
--	size_t digest_len;
-+	unsigned int digest_len;
- 
- 	OpenSSL_add_all_digests();
- 	if (!(m = EVP_get_digestbyname("sha1"))) {
-@@ -782,7 +782,7 @@
- spmd_passwd_check(char *str, struct spmd_cid *cid)
- {
- 	size_t ret;
--	size_t len,plen,slen;
-+	size_t plen,slen;
- 	char *passwd = shell_cfg_get_password();
- 
- 	if (!str||!cid||!passwd) {
-@@ -807,13 +807,12 @@
- 	plen = strlen(cid->hash);
- 	slen = strlen(str);
- 
--	len = slen >= plen ? plen : -1;
--	if (len < 0) {
-+	if (slen < plen) {
- 		ret = -1;
- 		goto fin;
- 	}
- 
--	ret = strncmp(cid->hash, str, len); 
-+	ret = strncmp(cid->hash, str, plen); 
- 
- fin:
- 
-@@ -1456,7 +1455,7 @@
- 		if (spmd_spd_update(sl1, rc1, not_urgent)<0) {
- 			strlcpy(status, "550 ", sizeof(status));
- 			snprintf(buf, sizeof(buf), "%sOperation Failed(sl_index=%.*s)\r\n", 
--							status, sl1->sl_index->l, sl1->sl_index->v);
-+							status, (int)sl1->sl_index->l, sl1->sl_index->v);
- 			goto err_fin;
- 		}
- 
-@@ -1486,13 +1485,13 @@
- 		if (spmd_spd_update(sl2, rc2, not_urgent)<0) {
- 			strlcpy(status, "550 ", sizeof(status));
- 			snprintf(buf, sizeof(buf), "%sOperation Failed(sl_index=%.*s)\r\n", 
--							status, sl2->sl_index->l, sl2->sl_index->v);
-+							status, (int)sl2->sl_index->l, sl2->sl_index->v);
- 			goto err_fin;
- 		}
- 
- 		strlcpy(status, "250 ", sizeof(status));
- 		snprintf(buf, sizeof(buf), "%sPolicy Added %.*s and %.*s\r\n", 
--			status, sl1->sl_index->l, sl1->sl_index->v, sl2->sl_index->l, sl2->sl_index->v);
-+			status, (int)sl1->sl_index->l, sl1->sl_index->v, (int)sl2->sl_index->l, sl2->sl_index->v);
- 		goto fin;
- 	} else if (!strncasecmp(sh_argv[0], "DELETE", strlen("DELETE"))) { 
- 		if (sh_argc != 2) {
diff --git a/security/racoon2/pkg-descr b/security/racoon2/pkg-descr
index a43aeccabe90..e2ad4fe034aa 100644
--- a/security/racoon2/pkg-descr
+++ b/security/racoon2/pkg-descr
@@ -12,9 +12,7 @@ Currently the system supports the following specification:
 	PF_KEY Key Management API, Version 2
 	RFC2367
 	
-The following protocols will be supported soon.
-
 	The Internet Key Exchange (IKE)
 	RFC2409
 
-WWW: http://www.kame.net/
+WWW: http://www.racoon2.wide.ad.jp/
author	sumikawa <sumikawa@FreeBSD.org>	2006-12-30 19:46:48 +0800
committer	sumikawa <sumikawa@FreeBSD.org>	2006-12-30 19:46:48 +0800
commit	bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14 (patch)
tree	3c70bcd15e61b75a6088a37703147245822947c5 /security
parent	5f8974ac502ba2bf0fb94cc2c1859966b591f965 (diff)
download	freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.tar.gz freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.tar.zst freebsd-ports-gnome-bfe2bc4c42b35f0550cb7ef93d7f396f8bcf3d14.zip