[Midnightbsd-cvs] mports: mports/security: Initial import of VPNC.
archite at midnightbsd.org
archite at midnightbsd.org
Mon Jun 2 00:01:54 EDT 2008
Log Message:
-----------
Initial import of VPNC.
VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX
Modified Files:
--------------
mports/security:
Makefile (r1.77 -> r1.78)
Added Files:
-----------
mports/security/vpnc:
Makefile (r1.1)
distinfo (r1.1)
pkg-descr (r1.1)
pkg-plist (r1.1)
mports/security/vpnc/files:
patch-Makefile (r1.1)
patch-config.c (r1.1)
patch-vpnc-script (r1.1)
vpnc.in (r1.1)
-------------- next part --------------
--- /dev/null
+++ security/vpnc/pkg-descr
@@ -0,0 +1,8 @@
+VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX
+
+Vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating a
+IPSec-like connection as a tunneling network device for the local
+system. The created connection is presented as a tunneling network
+device to the local system. The daemon runs entirely in userspace.
+
+WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/
--- /dev/null
+++ security/vpnc/pkg-plist
@@ -0,0 +1,7 @@
+sbin/vpnc
+sbin/vpnc-script
+sbin/vpnc-disconnect
+%%DECRYPT%%bin/cisco-decrypt
+ at unexec if cmp -s %D/etc/vpnc.conf %D/etc/vpnc.conf.sample; then rm -f %D/etc/vpnc.conf; fi
+etc/vpnc.conf.sample
+ at exec [ -f %B/vpnc.conf ] || cp %B/%f %B/vpnc.conf
--- /dev/null
+++ security/vpnc/Makefile
@@ -0,0 +1,81 @@
+# New ports collection makefile for: vpnc
+# Date created: 15 December 2003
+# Whom: Christian Lackas
+#
+# $MidnightBSD: mports/security/vpnc/Makefile,v 1.1 2008/06/02 04:01:52 archite Exp $
+# $FreeBSD: ports/security/vpnc/Makefile,v 1.35 2008/03/27 19:27:30 ehaupt Exp $
+#
+
+PORTNAME= vpnc
+PORTVERSION= 0.5.1
+PORTREVISION= 5
+CATEGORIES= security
+MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/ \
+ CRITICAL
+
+MAINTAINER= ports at MidnightBSD.org
+COMMENT= Client for Cisco 3000 VPN Concentrator
+
+LIB_DEPENDS= gcrypt.15:${PORTSDIR}/security/libgcrypt
+
+USE_GMAKE= yes
+USE_PERL5_BUILD=yes
+USE_RC_SUBR= vpnc
+
+ALL_TARGET= all
+
+PORTDOCS= README TODO
+MAN8= vpnc.8
+
+OPTIONS+= DECRYPT "cisco-decypt password decrypt utility" on
+OPTIONS+= SSL "OpenSSL certificate support (hybrid only)" off
+OPTIONS+= CISCOVERSION "Mask linux presentation string" off
+
+MAKE_ENV+= LDFLAGS="${LDFLAGS}" CFLAGS="${CFLAGS}" CC="${CC}" \
+ BINS="${EXTRABUILDS}"
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_DECRYPT)
+MAN1= cisco-decrypt.1
+EXTRABUILDS+= cisco-decrypt
+PLIST_SUB+= DECRYPT=""
+.else
+PLIST_SUB+= DECRYPT="@comment "
+.endif
+
+.if defined(WITH_SSL)
+NO_PACKAGE= binary linked against OpenSSL must not be redistributed
+CFLAGS+= -DOPENSSL_GPL_VIOLATION
+LDFLAGS+= -lcrypto
+.endif
+
+.if defined(WITH_CISCOVERSION)
+CFLAGS+= -DCISCO_PATCH_VERSION
+.endif
+
+post-patch:
+ @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/config.c
+ @${REINPLACE_CMD} -e 's|\(/etc/vpnc\)|${PREFIX}\1|' \
+ ${WRKSRC}/${MAN8}.template
+
+do-install:
+ ${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc
+.if defined(WITH_DECRYPT)
+ ${INSTALL_PROGRAM} ${WRKSRC}/cisco-decrypt ${PREFIX}/bin
+ ${INSTALL_MAN} ${WRKSRC}/${MAN1} ${MANPREFIX}/man/man1
+.endif
+ ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-script ${PREFIX}/sbin/vpnc-script
+ ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-disconnect ${PREFIX}/sbin/vpnc-disconnect
+ ${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample
+.if !exists(${PREFIX}/etc/vpnc.conf)
+ ${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc
+.endif
+ ${INSTALL_MAN} ${WRKSRC}/${MAN8} ${MANPREFIX}/man/man8
+
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+ @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
+.endif
+
+.include <bsd.port.post.mk>
--- /dev/null
+++ security/vpnc/distinfo
@@ -0,0 +1,3 @@
+MD5 (vpnc-0.5.1.tar.gz) = 7a8e94dbe94f39a4fd89b72e0125f66f
+SHA256 (vpnc-0.5.1.tar.gz) = f63660bd020bbe6a39e8eb67ad60c54d719046c6198a6834371d098947f9a2ed
+SIZE (vpnc-0.5.1.tar.gz) = 91496
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/security/Makefile,v
retrieving revision 1.77
retrieving revision 1.78
diff -L security/Makefile -L security/Makefile -u -r1.77 -r1.78
--- security/Makefile
+++ security/Makefile
@@ -81,6 +81,7 @@
SUBDIR += vlock
SUBDIR += vlog
SUBDIR += vnccrack
+ SUBDIR += vpnc
SUBDIR += webfwlog
SUBDIR += wipe
SUBDIR += wpa_supplicant
--- /dev/null
+++ security/vpnc/files/patch-config.c
@@ -0,0 +1,65 @@
+--- config.c.orig 2008-03-06 17:03:57.000000000 +0100
++++ config.c 2008-03-06 17:14:29.000000000 +0100
+@@ -257,17 +257,36 @@
+
+ static const char *config_def_app_version(void)
+ {
+- struct utsname uts;
+- char *version;
++ char *version;
++#ifndef CISCO_PATCH_VERSION
++ struct utsname uts;
+
+- uname(&uts);
+- asprintf(&version, "Cisco Systems VPN Client %s:%s", VERSION, uts.sysname);
+- return version;
++ uname(&uts);
++#endif
++
++#ifdef CISCO_PATCH_VERSION
++ /*
++ * Raffaele De Lorenzo March 2008
++ * Some Cisco Concentrator refuse connection if the Presentation Version
++ * String is not the same like Official "Cisco VPN Client". This patch
++ * masked the version to "Cisco Systems VPN Client 4.8.00 (0490):Linux",
++ */
++#define CISCO_CONC_PRESENT_VERSION "Cisco Systems VPN Client 4.8.00 (0490):Linux"
++#endif
++
++ asprintf(&version,
++#ifdef CISCO_PATCH_VERSION
++ CISCO_CONC_PRESENT_VERSION
++#else
++ "Cisco Systems VPN Client %s:%s", VERSION, uts.sysname
++#endif
++ );
++ return version;
+ }
+
+ static const char *config_def_script(void)
+ {
+- return "/etc/vpnc/vpnc-script";
++ return "%%PREFIX%%/sbin/vpnc-script";
+ }
+
+ static const char *config_def_pid_file(void)
+@@ -538,7 +557,7 @@
+ {
+ char *realname;
+
+- asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "/etc/vpnc/", name, add_dot_conf ? ".conf" : "");
++ asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "%%PREFIX%%/etc/vpnc/", name, add_dot_conf ? ".conf" : "");
+ return realname;
+ }
+
+@@ -757,8 +776,8 @@
+ }
+
+ if (!got_conffile) {
+- read_config_file("/etc/vpnc/default.conf", config, 1);
+- read_config_file("/etc/vpnc.conf", config, 1);
++ read_config_file("%%PREFIX%%/etc/vpnc/default.conf", config, 1);
++ read_config_file("%%PREFIX%%/etc/vpnc.conf", config, 1);
+ }
+
+ if (!print_config) {
--- /dev/null
+++ security/vpnc/files/patch-Makefile
@@ -0,0 +1,42 @@
+--- Makefile.orig 2007-09-06 22:05:15.000000000 +0200
++++ Makefile 2008-02-29 21:58:37.000000000 +0100
+@@ -20,14 +20,14 @@
+ # $Id: Makefile 236 2007-09-05 20:40:59Z Joerg Mayer $
+
+ DESTDIR=
+-PREFIX=/usr/local
+-ETCDIR=/etc/vpnc
++PREFIX?=/usr/local
++ETCDIR=$(PREFIX)/etc/
+ BINDIR=$(PREFIX)/bin
+ SBINDIR=$(PREFIX)/sbin
+ MANDIR=$(PREFIX)/share/man
+
+ SRCS = sysdep.c vpnc-debug.c isakmp-pkt.c tunip.c config.c dh.c math_group.c supp.c
+-BINS = vpnc cisco-decrypt
++BINS += vpnc
+ OBJS = $(addsuffix .o,$(basename $(SRCS)))
+ BINOBJS = $(addsuffix .o,$(BINS))
+ BINSRCS = $(addsuffix .c,$(BINS))
+@@ -49,9 +49,9 @@
+ #OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
+ #OPENSSLLIBS = -lcrypto
+
+-CC=gcc
+-CFLAGS ?= -O3 -g
+-CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings
++CC?=gcc
++#CFLAGS ?= -O3 -g
++#CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings
+ CFLAGS += $(shell libgcrypt-config --cflags)
+ CPPFLAGS += -DVERSION=\"$(VERSION)\" $(OPENSSL_GPL_VIOLATION)
+ LDFLAGS ?= -g
+@@ -74,7 +74,7 @@
+ ./makeman.pl
+
+ cisco-decrypt : cisco-decrypt.o config.o supp.o sysdep.o vpnc-debug.o
+- $(CC) -o $@ $^ $(LDFLAGS)
++ $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
+
+ .depend: $(SRCS) $(BINSRCS)
+ $(CC) -MM $(SRCS) $(BINSRCS) $(CFLAGS) $(CPPFLAGS) > $@
--- /dev/null
+++ security/vpnc/files/patch-vpnc-script
@@ -0,0 +1,13 @@
+--- vpnc-script.orig 2008-02-26 00:42:09.000000000 +0100
++++ vpnc-script 2008-02-26 00:43:41.000000000 +0100
+@@ -56,8 +56,8 @@
+ ;;
+ esac
+
+-DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute
+-RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup
++DEFAULT_ROUTE_FILE=/var/run/vpnc.defaultroute
++RESOLV_CONF_BACKUP=/var/run/vpnc.resolv.conf-backup
+ FULL_SCRIPTNAME=/usr/local/sbin/vpnc
+ SCRIPTNAME=`basename $FULL_SCRIPTNAME`
+
--- /dev/null
+++ security/vpnc/files/vpnc.in
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# Author: kamikaze
+# Contact: kamikaze at bsdforen.de
+#
+# If vpnc_conf is defined, it will be treated as a list of configuration files
+# in vpnc_conf_dir. This managed mode is useful where where vpnc tunnels have
+# to be established through other vpnc tunnels.
+# You can pass further command line options to vpnc by specifying
+# them in vpnc_flags.
+#
+
+# PROVIDE: vpnc
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+
+# Default settings - don't change this.
+: ${vpnc_enable="NO"}
+: ${vpnc_pid_dir="/var/run"}
+: ${vpnc_pid_file="vpnc/pid"}
+: ${vpnc_conf_dir="%%PREFIX%%/etc"}
+: ${vpnc_record="$vpnc_pid_dir/vpnc.record"}
+
+. %%RC_SUBR%%
+
+name="vpnc"
+rcvar=`set_rcvar`
+
+command="%%PREFIX%%/sbin/$name"
+
+vpnc_start() {
+ if [ -z "$vpnc_conf" ]; then
+ #No configuration files given, run unmanaged.
+ $command $vpnc_flags
+ return $?
+ fi
+
+ # A list of configurations is present. Connect managing
+ # what is required for a clean shutdown later.
+
+ for config in $vpnc_conf; do
+
+ # The current configuration file.
+ current="$vpnc_conf_dir/$config"
+
+ # Start vpnc.
+ if ! $command --local-port 0 $current $vpnc_flags; then
+ status=$?
+ # VPNC does not print a newline after an error.
+ echo
+ echo "Running 'vpnc $current --local-port 0 $vpnc_flags' failed."
+ return $status
+ fi
+
+ # Wait for the system to catch up.
+ /bin/sleep 1
+
+ # Copy files to allow a clean shutdown
+ # of multiple connections.
+
+ /bin/cp "$vpnc_pid_dir/$vpnc_pid_file" "$vpnc_pid_dir/vpnc.$config.pid"
+ /bin/cp "$vpnc_pid_dir/vpnc.defaultroute" "$vpnc_pid_dir/vpnc.$config.defaultroute" 2> /dev/null
+ /bin/cp "$vpnc_pid_dir/vpnc.resolv.conf-backup" "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" 2> /dev/null
+ echo "$config" >> "$vpnc_record"
+ done
+}
+
+vpnc_stop() {
+ if [ ! -e "$vpnc_record" ]; then
+ /bin/sleep 1
+ # There's no record of connections, assume unmanaged shutdown.
+ $command-disconnect
+ return $?
+ fi
+
+ # A record of vpnc connections is present. Attempt a
+ # managed shutdown.
+
+ for config in `/usr/bin/tail -r "$vpnc_record"`; do
+
+ # Wait to give the system a chance to catch up with
+ # recent changes.
+
+ /bin/sleep 1
+
+ # Move the vpnc files back into position.
+
+ /bin/mv "$vpnc_pid_dir/vpnc.$config.pid" "$vpnc_pid_dir/$vpnc_pid_file"
+ /bin/mv "$vpnc_pid_dir/vpnc.$config.defaultroute" "$vpnc_pid_dir/vpnc.defaultroute" 2> /dev/null
+ /bin/mv "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" "$vpnc_pid_dir/vpnc.resolv.conf-backup" 2> /dev/null
+
+ # Run the disconnect command.
+ $command-disconnect
+ done
+
+ # Remove the connection record.
+
+ /bin/rm "$vpnc_record"
+}
+
+start_cmd=vpnc_start
+stop_cmd=vpnc_stop
+
+load_rc_config $name
+run_rc_command "$1"
More information about the Midnightbsd-cvs
mailing list