# Created by: vanhu # $FreeBSD$ # TODO: - libipsec issue ? # - cleanup... # - SYSCONFDIR # - $LOCALBASE/sbin/setkey Vs /usr/sbin/setkey PORTNAME= ipsec-tools PORTVERSION= 0.8.2 CATEGORIES= security MASTER_SITES= SF MAINTAINER= vanhu@FreeBSD.org COMMENT= KAME racoon IKE daemon, ipsec-tools version CONFLICTS= racoon-[0-9]* USE_RC_SUBR= racoon USE_OPENSSL= yes INSTALL_TARGET= install-strip USES= libtool tar:bzip2 GNU_CONFIGURE= yes USE_LDCONFIG= yes CONFIGURE_ARGS= --enable-shared --sysconfdir=${PREFIX}/etc/racoon \ --localstatedir=${STATEDIR:S/\/racoon//} \ --with-pkgversion=freebsd-${PORTVERSION} STATEDIR= /var/db/racoon SUB_LIST+= STATEDIR=${STATEDIR} PLIST_SUB+= STATEDIR=${STATEDIR} OPTIONS_DEFINE= DEBUG IPV6 ADMINPORT STATS DPD NATT NATTF FRAG HYBRID PAM \ RADIUS LDAP GSSAPI SAUNSPEC RC5 IDEA DOCS EXAMPLES WCPSKEY OPTIONS_DEFAULT= DEBUG DPD NATT FRAG HYBRID ADMINPORT_DESC= Enable Admin port STATS_DESC= Statistics logging function DPD_DESC= Dead Peer Detection NATT_DESC= NAT-Traversal (kernel-patch required) NATTF_DESC= require NAT-Traversal (fail without kernel-patch) FRAG_DESC= IKE fragmentation payload support HYBRID_DESC= Hybrid, Xauth and Mode-cfg support SAUNSPEC_DESC= Unspecified SA mode RC5_DESC= RC5 encryption (patented) IDEA_DESC= IDEA encryption (patented) PAM_DESC= PAM authentication (Xauth server) RADIUS_DESC= Radius authentication (Xauth server) LDAP_DESC= LDAP authentication (Xauth server) WCPSKEY_DESC= Allow wildcard matching for pre-shared keys PORTDOCS= * PORTEXAMPLES= * .include .if ${OSVERSION} < 900007 EXTRA_PATCHES= ${FILESDIR}/patch8-utmp.diff .endif .if ${PORT_OPTIONS:MDEBUG} CONFIGURE_ARGS+= --enable-debug .else CONFIGURE_ARGS+= --disable-debug .endif .if ${PORT_OPTIONS:MIPV6} CONFIGURE_ARGS+= --enable-ipv6 .else CONFIGURE_ARGS+= --disable-ipv6 .endif .if ${PORT_OPTIONS:MADMINPORT} CONFIGURE_ARGS+= --enable-adminport .else CONFIGURE_ARGS+= --disable-adminport .endif .if ${PORT_OPTIONS:MSTATS} CONFIGURE_ARGS+= --enable-stats .else CONFIGURE_ARGS+= --disable-stats .endif .if ${PORT_OPTIONS:MDPD} CONFIGURE_ARGS+= --enable-dpd .else CONFIGURE_ARGS+= --disable-dpd .endif .if ${PORT_OPTIONS:MNATT} . if ${PORT_OPTIONS:MNATTF} CONFIGURE_ARGS+= --enable-natt=yes . else CONFIGURE_ARGS+= --enable-natt=kernel . endif .else CONFIGURE_ARGS+= --disable-natt .endif .if ${PORT_OPTIONS:MFRAG} CONFIGURE_ARGS+= --enable-frag .else CONFIGURE_ARGS+= --disable-frag .endif .if ${PORT_OPTIONS:MHYBRID} CONFIGURE_ARGS+= --enable-hybrid .else CONFIGURE_ARGS+= --disable-hybrid .endif .if ${PORT_OPTIONS:MPAM} CONFIGURE_ARGS+= --with-libpam .else CONFIGURE_ARGS+= --without-libpam .endif .if ${PORT_OPTIONS:MGSSAPI} USES+= iconv CFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ARGS+= --enable-gssapi .else CONFIGURE_ARGS+= --disable-gssapi .endif .if ${PORT_OPTIONS:MRADIUS} CONFIGURE_ARGS+= --with-libradius .else CONFIGURE_ARGS+= --without-libradius .endif .if ${PORT_OPTIONS:MLDAP} USE_OPENLDAP= YES CONFIGURE_ARGS+= --with-libldap=${LOCALBASE} .else CONFIGURE_ARGS+= --without-libldap .endif .if ${PORT_OPTIONS:MSAUNSPEC} CONFIGURE_ARGS+= --enable-samode-unspec .else CONFIGURE_ARGS+= --disable-samode-unspec .endif .if ${PORT_OPTIONS:MRC5} CONFIGURE_ARGS+= --enable-rc5 .else CONFIGURE_ARGS+= --disable-rc5 .endif .if ${PORT_OPTIONS:MIDEA} CONFIGURE_ARGS+= --enable-idea .else CONFIGURE_ARGS+= --disable-idea .endif .if ${PORT_OPTIONS:MWCPSKEY} EXTRA_PATCHES= ${FILESDIR}/wildcard-psk.diff .endif post-patch: @${REINPLACE_CMD} -e "s/-Werror//g ; s/-R$$libdir/-Wl,-rpath=$$libdir/g" ${WRKSRC}/configure post-install: @${MKDIR} ${STAGEDIR}/${PREFIX}/etc/racoon @if [ -z `/sbin/sysctl -a | ${GREP} -q ipsec && ${ECHO_CMD} ipsec` ]; then \ ${ECHO_MSG} "WARNING: IPsec feature is disabled on this host"; \ ${ECHO_MSG} " You must build the kernel if you want to run racoon on the host"; \ fi ; @${MKDIR} ${STAGEDIR}/${EXAMPLESDIR} @${RM} -f ${WRKSRC}/src/racoon/samples/*.in @${CP} -r ${WRKSRC}/src/racoon/samples/* ${STAGEDIR}/${EXAMPLESDIR} @${MKDIR} ${STAGEDIR}/${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/src/racoon/doc/* ${STAGEDIR}/${DOCSDIR} .include