-rw-r--r--security/Makefile1
-rw-r--r--security/hamachi/Makefile39
-rw-r--r--security/hamachi/distinfo3
-rw-r--r--security/hamachi/files/hamachi.sh.in65
-rw-r--r--security/hamachi/files/patch-Makefile26
-rw-r--r--security/hamachi/files/patch-tuncfg_tuncfg.c240
-rw-r--r--security/hamachi/pkg-descr3
7 files changed, 377 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 6f6940747851..88d790ba1373 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -179,6 +179,7 @@
SUBDIR += gwee
SUBDIR += hackbot
SUBDIR += hafiye
+ SUBDIR += hamachi
SUBDIR += hashish
SUBDIR += heimdal
SUBDIR += hlfl
diff --git a/security/hamachi/Makefile b/security/hamachi/Makefile
new file mode 100644
index 000000000000..5d771f47d9ee
--- /dev/null
+++ b/security/hamachi/Makefile
@@ -0,0 +1,39 @@
+# New ports collection makefile for: hamachi
+# Date created: 2006-11-17
+# Whom: Lapo Luchini <lapo@lapo.it>
+#
+# $FreeBSD$
+#
+
+PORTNAME= hamachi
+DISTVERSION= 0.9.9.9-20
+DISTVERSIONSUFFIX= -lnx
+CATEGORIES= security linux
+MASTER_SITES= http://files.hamachi.cc/linux/
+PKGNAMEPREFIX= linux-
+
+MAINTAINER= lapo@lapo.it
+COMMENT= Fast, secure, simple VPN software with NAT-traversal
+
+PATCH_DEPENDS= upx:${PORTSDIR}/archivers/upx
+
+NO_BUILD= yes
+ONLY_FOR_ARCHS= i386 amd64
+USE_LINUX= yes
+
+USE_RC_SUBR= hamachi.sh
+PLIST_FILES= bin/hamachi bin/hamachi-init sbin/hamachi-tuncfg
+PORTDOCS= README CHANGES
+
+post-patch:
+ ${RM} -f ${WRKSRC}/tuncfg/tuncfg
+ ${CC} ${CFLAGS} -o ${WRKSRC}/tuncfg/tuncfg ${WRKSRC}/tuncfg/tuncfg.c
+ upx -d ${WRKSRC}/hamachi
+
+post-install:
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+ cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
+.endif
+
+.include <bsd.port.mk>
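Review bot: In post-patch, `upx -d ${WRKSRC}/hamachi` calls upx by bare name, so which binary runs depends on the PATH of the build, which is often run as root. Since PATCH_DEPENDS pulls it in from archivers/upx, the call could be pinned as `${LOCALBASE}/bin/upx -d ${WRKSRC}/hamachi`. The target also has no comment saying why the shipped tuncfg is deleted and rebuilt while hamachi is only unpacked; something like `# rebuild tuncfg natively from the patched source; unpack the (presumably UPX-packed) Linux binary` would help the next maintainer. `${RM} -f` repeats the `-f` that RM already carries.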
diff --git a/security/hamachi/distinfo b/security/hamachi/distinfo
new file mode 100644
index 000000000000..93e95ca382ac
--- /dev/null
+++ b/security/hamachi/distinfo
@@ -0,0 +1,3 @@
+MD5 (hamachi-0.9.9.9-20-lnx.tar.gz) = 27e4c926d0aa03de3573c0b7acf032a6
+SHA256 (hamachi-0.9.9.9-20-lnx.tar.gz) = 9e4b733558377d0c971ee2a19e04c0f5956e069033e8d13865f7c4dcb6d7f31b
+SIZE (hamachi-0.9.9.9-20-lnx.tar.gz) = 344866
diff --git a/security/hamachi/files/hamachi.sh.in b/security/hamachi/files/hamachi.sh.in
new file mode 100644
index 000000000000..49ebf427d8a6
--- /dev/null
+++ b/security/hamachi/files/hamachi.sh.in
@@ -0,0 +1,65 @@
+#!/bin/sh
+#
+# hamachi.sh - load tap driver and start Hamachi's tuncfg daemon
+#
+# (C) Copyright 2007 by Lapo Luchini
+# (loosely based on ports/security/openvpn/files/openvpn.sh.in 1.9 by Matthias Andree)
+#
+# $FreeBSD$
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+# details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
+# Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# PROVIDE: hamachi
+# REQUIRE: DAEMON
+# KEYWORD: shutdown
+
+#TODO: serve la KEYWORD:shutdown? che fa?
+
+# Note that we deliberately refrain from unloading drivers.
+
+. %%RC_SUBR%%
+
+name="hamachi"
+rcvar=`set_rcvar`
+
+load_rc_config $name
+
+: ${hamachi_enable="NO"}
+
+command="%%PREFIX%%/sbin/hamachi-tuncfg"
+start_precmd="hamachi_precmd"
+
+hamachi_precmd() {
+ # FreeBSD <= 5.4 does not know kldstat's -m option
+ # FreeBSD >= 6.0 does not add debug.* sysctl information
+ # in the default build - we check both to keep things simple
+ if ! sysctl debug.if_tap_debug >/dev/null 2>&1 \
+ && ! kldstat -m if_tap >/dev/null 2>&1 ; then
+ if ! kldload if_tap ; then
+ warn "Could not load tap module."
+ return 1
+ fi
+ fi
+ if ! sysctl compat.linux >/dev/null 2>&1 \
+ && ! kldstat -m linuxelf >/dev/null 2>&1 ; then
+ if ! kldload linux ; then
+ warn "Could not load linux module."
+ return 1
+ fi
+ fi
+ return 0
+}
+
+run_rc_command "$1"
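Review bot: The untranslated note `#TODO: serve la KEYWORD:shutdown? che fa?` below the rc.d header block is an open question left in a committed script and should be resolved rather than shipped. `KEYWORD: shutdown` makes rc.shutdown run this script's stop method at system shutdown, so if that is wanted the TODO can become `# KEYWORD: shutdown stops hamachi-tuncfg at system shutdown`; otherwise drop the keyword together with the TODO. hamachi_precmd itself is clearly commented.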
diff --git a/security/hamachi/files/patch-Makefile b/security/hamachi/files/patch-Makefile
new file mode 100644
index 000000000000..6da80a312e15
--- /dev/null
+++ b/security/hamachi/files/patch-Makefile
@@ -0,0 +1,26 @@
+--- Makefile.orig Tue Jun 20 21:47:28 2006
++++ Makefile Thu Mar 22 14:02:01 2007
+@@ -2,12 +2,12 @@
+ #
+ # Where hamachi and its symbolic link hamachi-init goes
+ #
+-HAMACHI_DST ?= /usr/bin
++HAMACHI_DST ?= /usr/local/bin
+
+ #
+ # Where root-level tunnel device configuration daemon tuncfg goes
+ #
+-TUNCFG_DST ?= /sbin
++TUNCFG_DST ?= /usr/local/sbin
+
+ .phony: install
+
+@@ -26,7 +26,7 @@
+ fi;
+
+ @echo Copying tuncfg into $(TUNCFG_DST) ..
+- @install -s -m 700 tuncfg/tuncfg $(TUNCFG_DST)
++ @install -s -m 700 tuncfg/tuncfg $(TUNCFG_DST)/hamachi-tuncfg
+
+ @echo
+ @echo "Hamachi is installed. See README for what to do next."
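Review bot: Both replaced defaults hard-code `/usr/local`, so with a non-default PREFIX the binaries would land outside the paths listed in the port's PLIST_FILES, assuming the port's install step runs this Makefile. Because upstream declares both variables with `?=`, those two lines can stay unpatched and the values can come from the port Makefile, e.g. `MAKE_ENV+= HAMACHI_DST=${PREFIX}/bin TUNCFG_DST=${PREFIX}/sbin`. The rename to `hamachi-tuncfg` on the install line would still need this patch.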
diff --git a/security/hamachi/files/patch-tuncfg_tuncfg.c b/security/hamachi/files/patch-tuncfg_tuncfg.c
new file mode 100644
index 000000000000..cdde008bc9c9
--- /dev/null
+++ b/security/hamachi/files/patch-tuncfg_tuncfg.c
@@ -0,0 +1,240 @@
+--- tuncfg/tuncfg.c.orig Tue Jun 20 21:47:28 2006
++++ tuncfg/tuncfg.c Fri Nov 17 11:14:51 2006
+@@ -20,7 +20,7 @@
+ * normally required by a private networking software. Namely -
+ *
+ * * creation of tunneling devices; this requires an access to
+- * /dev/net/tun file, which _usually_ has 700 access mask
++ * /dev/tapXX files, which _usually_ has 700 access mask
+ *
+ * * configuration of the tunneling device using ifconfig, which is
+ * always a root-level operation
+@@ -29,7 +29,7 @@
+ * open a listening domain socket /var/run/tuncfg.sock.
+ *
+ * Upon accepting the connection on this socket, it will issue an open()
+- * call for /dev/net/tun file (thus instantiating the tunneling device)
++ * call for /dev/tapXX file (iterating over first 16 XX values)
+ * and pass obtained FD to the peer process. It will also query and pass
+ * the MAC address of the device to the peer process.
+ *
+@@ -48,10 +48,12 @@
+ #include <sys/un.h>
+ #include <sys/ioctl.h>
+ #include <sys/stat.h>
++#include <sys/sysctl.h>
+ #include <arpa/inet.h>
+
+-#include <linux/if.h>
+-#include <linux/if_tun.h>
++#include <net/if.h>
++#include <net/if_dl.h>
++#include <netinet/in.h>
+
+ #include <unistd.h>
+ #include <errno.h>
+@@ -59,6 +61,7 @@
+ #include <fcntl.h>
+ #include <stdarg.h>
+ #include <stdlib.h>
++#include <string.h>
+
+ /*
+ *
+@@ -68,7 +71,7 @@
+
+ #define TUNTAP_URL "http://www.hamachi.cc/tuntap"
+
+-#define MAX_CLIENTS 64
++#define MAX_CLIENTS 16
+
+ struct context
+ {
+@@ -90,6 +93,7 @@
+ struct stat st;
+ pid_t pid;
+ int fd, r, i;
++ int debug = 0;
+
+ struct context ctx[MAX_CLIENTS];
+ int ctx_n = 0;
+@@ -98,18 +102,28 @@
+ if (getuid() != 0)
+ errorf("tuncfg: must be run with superuser permissions\n");
+
+- // lcok
+- fd = open(LOCK_PATH, O_CREAT);
++ //
++ if (argc > 1)
++ {
++ debug = (strcmp(argv[1], "-d") == 0);
++ }
++
++ // lock
++ fd = open(LOCK_PATH, O_CREAT | O_RDWR);
+ if (fd < 0)
+ errorf("tuncfg: cannot open lock file %s -- %s\n",
+ LOCK_PATH, strerror(errno));
+
++ //
+ if (flock(fd, LOCK_EX | LOCK_NB) < 0)
+- errorf("tuncfg: already running\n");
++ {
++ errorf("tuncfg: already running, "
++ "use 'killall tuncfg; tuncfg' to restart it\n");
++ }
+
+ // check there's /dev/net/tun
+- if (stat("/dev/net/tun", &st) < 0)
+- errorf("tuncfg: cannot stat() /dev/net/tun -- %s\n"
++ if (stat("/dev/tap0", &st) < 0)
++ errorf("tuncfg: cannot stat() /dev/tap0 -- %s\n"
+ "tuncfg: visit %s for more information\n",
+ strerror(errno), TUNTAP_URL);
+
+@@ -143,7 +157,7 @@
+ SOCK_PATH, strerror(errno));
+
+ // daemonize
+- if (argc < 2 || strcmp(argv[1], "-d"))
++ if (! debug)
+ {
+ chdir("/");
+
+@@ -196,8 +210,13 @@
+ if (FD_ISSET(fd, &fdr))
+ {
+ struct context * p;
+- struct ifreq ifr;
+ char buf[4+6];
++ int mib[6];
++ size_t len;
++ struct if_msghdr * msg = NULL;
++ struct sockaddr_dl * sa;
++ char dev_name[32];
++ int i;
+ int cli, dev = -1, tmp = -1;
+
+ cli = accept(fd, (void*)&addr, &alen);
+@@ -213,48 +232,64 @@
+ goto done;
+ }
+
+- // open tap device
+- dev = open("/dev/net/tun", O_RDWR);
+- printf("tuncfg: open() %d %d\n", dev, errno);
++ // open first available tap device
++ for (i=0; i<MAX_CLIENTS; i++)
++ {
++ snprintf(dev_name, sizeof(dev_name),
++ "/dev/tap%d", i);
++
++ dev = open(dev_name, O_RDWR);
++ printf("tuncfg: open(%s) %d %d\n",
++ dev_name, dev, errno);
++ if (dev >= 0)
++ break;
++ }
+ if (dev < 0)
+ {
+- r = (0x02 << 24) | errno;
++ r = (0x02 << 24);
+ goto done;
+ }
+
+- // bring it up
+- strcpy(ifr.ifr_name, "ham%d");
+- ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
+- if (ioctl(dev, TUNSETIFF, (ulong)&ifr) < 0)
++ // query mac
++ mib[0] = CTL_NET;
++ mib[1] = AF_ROUTE;
++ mib[2] = 0;
++ mib[3] = AF_LINK;
++ mib[4] = NET_RT_IFLIST;
++ mib[5] = if_nametoindex("tap0");
++
++ if (! mib[5])
+ {
+- printf("tuncfg: ioctl() -1 %d\n", errno);
+ r = (0x03 << 24) | errno;
+ goto done;
+ }
+- printf("tuncfg: ioctl() 0 %s\n", ifr.ifr_name);
+
+- // query mac
+- tmp = socket(AF_INET, SOCK_DGRAM, 0);
+- if (tmp < 0)
++ if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0)
+ {
+- printf("tuncfg: socket(mac) %d\n", errno);
+ r = (0x04 << 24) | errno;
+ goto done;
+ }
+-
+- if (ioctl(tmp, SIOCGIFHWADDR, (ulong)&ifr) < 0)
++
++ msg = malloc(len);
++ if (! msg)
++ {
++ r = (0x05 << 24) | errno;
++ goto done;
++ }
++
++ if (sysctl(mib, 6, msg, &len, NULL, 0) < 0)
+ {
+- printf("tuncfg: ioctl(mac) %d\n", errno);
+ r = (0x05 << 24) | errno;
+ goto done;
+ }
+
+- memcpy(buf+4, &ifr.ifr_hwaddr.sa_data, 6);
++ sa = (void*)(msg + 1);
++ memcpy(buf+4, LLADDR(sa), 6);
+
+ // remember
+ p = &ctx[ctx_n++];
+ p->fd = cli;
+- strncpy(p->dev, ifr.ifr_name, sizeof(p->dev));
++ strncpy(p->dev, dev_name+5, 5);
+
+ r = 0;
+ done:
+@@ -264,6 +299,7 @@
+ send_with_fd(cli, buf, sizeof(buf), dev);
+ }
+
++ free(msg);
+ if (tmp != -1) close(tmp);
+ if (dev != -1) close(dev);
+ if (r != 0) close(cli);
+@@ -295,7 +331,7 @@
+ goto ack;
+ }
+
+- /* v[0] = ham<n>, v[1] = ip, v[2] = mask */
++ /* v[0] = ip, v[1] = mask */
+ if ( (v[0] & 0xff000000) != 0x05000000 ||
+ (v[1] & 0xff000000) != 0xff000000 )
+ {
+@@ -324,9 +360,13 @@
+
+ r = system(cmd);
+ printf("tuncfg: system(%s) %d %d\n", cmd, r, errno);
+-
++ if (r != 0)
++ {
++ r = (0x08 << 24) | (r & 0x00ffffff);
++ goto ack;
++ }
+ ack:
+- printf("tuncfg: config() %08x", r);
++ printf("tuncfg: config() %08x\n", r);
+ send_with_fd(ctx[i].fd, &r, sizeof(r), -1);
+ }
+ }
+@@ -360,4 +400,3 @@
+
+ return sendmsg(fd, &msg, 0);
+ }
+-
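Review bot: The MAC lookup in the accept path always queries `if_nametoindex("tap0")` even when the loop above opened a later `/dev/tapN`, so every client after the first would be handed tap0's address; it should use the name just opened, `dev_name + 5`. In the same block `strncpy(p->dev, dev_name+5, 5)` leaves `p->dev` without a terminating NUL for tap10 to tap15 unless the context array is zeroed outside this patch, and the sysctl reply is read through `LLADDR(sa)` without checking `len` or `sa->sdl_alen`. The new `open(LOCK_PATH, O_CREAT | O_RDWR)` omits the mode argument, so this root-run daemon creates its lock file with indeterminate permission bits. The enclosing function starts and ends outside the patch hunks, so whether `ctx_n` is bounded against the reduced MAX_CLIENTS before `ctx[ctx_n++]` cannot be confirmed from here.

```c
fd = open(LOCK_PATH, O_CREAT | O_RDWR, 0600);
/* … unchanged: flock, stat, socket setup, accept, tap open loop … */
mib[5] = if_nametoindex(dev_name + 5);	/* the device just opened, not tap0 */
/* … unchanged: size query, malloc, second sysctl … */
if (len < sizeof(*msg) + sizeof(*sa))
{
	r = (0x05 << 24);
	goto done;
}
sa = (void*)(msg + 1);
if (sa->sdl_alen != 6)
{
	r = (0x05 << 24);
	goto done;
}
memcpy(buf+4, LLADDR(sa), 6);
/* … unchanged: ctx slot selection … */
snprintf(p->dev, sizeof(p->dev), "%s", dev_name + 5);
```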
diff --git a/security/hamachi/pkg-descr b/security/hamachi/pkg-descr
new file mode 100644
index 000000000000..081f8fb8403b
--- /dev/null
+++ b/security/hamachi/pkg-descr
@@ -0,0 +1,3 @@
+Hamachi is a zero-configuration virtual private networking tool.
+
+WWW: http://hamachi.cc/