[Midnightbsd-cvs] mports: mports/security: Initial import of VPNC.

archite at midnightbsd.org archite at midnightbsd.org
Mon Jun 2 00:01:54 EDT 2008


Log Message:
-----------
Initial import of VPNC.

VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX

Modified Files:
--------------
    mports/security:
        Makefile (r1.77 -> r1.78)

Added Files:
-----------
    mports/security/vpnc:
        Makefile (r1.1)
        distinfo (r1.1)
        pkg-descr (r1.1)
        pkg-plist (r1.1)
    mports/security/vpnc/files:
        patch-Makefile (r1.1)
        patch-config.c (r1.1)
        patch-vpnc-script (r1.1)
        vpnc.in (r1.1)

-------------- next part --------------
--- /dev/null
+++ security/vpnc/pkg-descr
@@ -0,0 +1,8 @@
+VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX
+
+Vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating a
+IPSec-like connection as a tunneling network device for the local
+system. The created connection is presented as a tunneling network
+device to the local system. The daemon runs entirely in userspace.
+
+WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/
--- /dev/null
+++ security/vpnc/pkg-plist
@@ -0,0 +1,7 @@
+sbin/vpnc
+sbin/vpnc-script
+sbin/vpnc-disconnect
+%%DECRYPT%%bin/cisco-decrypt
+ at unexec if cmp -s %D/etc/vpnc.conf %D/etc/vpnc.conf.sample; then rm -f %D/etc/vpnc.conf; fi
+etc/vpnc.conf.sample
+ at exec [ -f %B/vpnc.conf ] || cp %B/%f %B/vpnc.conf
--- /dev/null
+++ security/vpnc/Makefile
@@ -0,0 +1,81 @@
+# New ports collection makefile for:	vpnc
+# Date created:				15 December 2003
+# Whom:					Christian Lackas
+#
+# $MidnightBSD: mports/security/vpnc/Makefile,v 1.1 2008/06/02 04:01:52 archite Exp $
+# $FreeBSD: ports/security/vpnc/Makefile,v 1.35 2008/03/27 19:27:30 ehaupt Exp $
+#
+
+PORTNAME=	vpnc
+PORTVERSION=	0.5.1
+PORTREVISION=	5
+CATEGORIES=	security
+MASTER_SITES=	http://www.unix-ag.uni-kl.de/~massar/vpnc/ \
+		CRITICAL
+
+MAINTAINER=	ports at MidnightBSD.org
+COMMENT=	Client for Cisco 3000 VPN Concentrator
+
+LIB_DEPENDS=	gcrypt.15:${PORTSDIR}/security/libgcrypt
+
+USE_GMAKE=	yes
+USE_PERL5_BUILD=yes
+USE_RC_SUBR=	vpnc
+
+ALL_TARGET=	all
+
+PORTDOCS=	README TODO
+MAN8=		vpnc.8
+
+OPTIONS+=	DECRYPT       "cisco-decypt password decrypt utility"      on
+OPTIONS+=	SSL           "OpenSSL certificate support (hybrid only)"  off
+OPTIONS+=	CISCOVERSION  "Mask linux presentation string"             off
+
+MAKE_ENV+=	LDFLAGS="${LDFLAGS}" CFLAGS="${CFLAGS}" CC="${CC}" \
+		BINS="${EXTRABUILDS}"
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_DECRYPT)
+MAN1=		cisco-decrypt.1
+EXTRABUILDS+=	cisco-decrypt
+PLIST_SUB+=	DECRYPT=""
+.else
+PLIST_SUB+=	DECRYPT="@comment "
+.endif
+
+.if defined(WITH_SSL)
+NO_PACKAGE=	binary linked against OpenSSL must not be redistributed
+CFLAGS+=	-DOPENSSL_GPL_VIOLATION
+LDFLAGS+=	-lcrypto
+.endif
+
+.if defined(WITH_CISCOVERSION)
+CFLAGS+=	-DCISCO_PATCH_VERSION
+.endif
+
+post-patch:
+	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/config.c
+	@${REINPLACE_CMD} -e 's|\(/etc/vpnc\)|${PREFIX}\1|' \
+		${WRKSRC}/${MAN8}.template
+
+do-install:
+	${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc
+.if defined(WITH_DECRYPT)
+	${INSTALL_PROGRAM} ${WRKSRC}/cisco-decrypt ${PREFIX}/bin
+	${INSTALL_MAN} ${WRKSRC}/${MAN1} ${MANPREFIX}/man/man1
+.endif
+	${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-script ${PREFIX}/sbin/vpnc-script
+	${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-disconnect ${PREFIX}/sbin/vpnc-disconnect
+	${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample
+.if !exists(${PREFIX}/etc/vpnc.conf)
+	${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc
+.endif
+	${INSTALL_MAN} ${WRKSRC}/${MAN8} ${MANPREFIX}/man/man8
+
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+	@cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
+.endif
+
+.include <bsd.port.post.mk>
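Review bot: The two `${INSTALL_DATA} -m 600` lines in do-install restrict vpnc.conf and vpnc.conf.sample to the owner without saying why, so a later cleanup could normalise them to the default data mode. vpnc.conf normally carries the IPSec group secret and the Xauth password; a comment above those lines such as `# vpnc.conf may hold the group secret and Xauth password; keep it owner-only` would record the intent. Separately, the DECRYPT option label is misspelled and should read `"cisco-decrypt password decrypt utility"`.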
--- /dev/null
+++ security/vpnc/distinfo
@@ -0,0 +1,3 @@
+MD5 (vpnc-0.5.1.tar.gz) = 7a8e94dbe94f39a4fd89b72e0125f66f
+SHA256 (vpnc-0.5.1.tar.gz) = f63660bd020bbe6a39e8eb67ad60c54d719046c6198a6834371d098947f9a2ed
+SIZE (vpnc-0.5.1.tar.gz) = 91496
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/security/Makefile,v
retrieving revision 1.77
retrieving revision 1.78
diff -L security/Makefile -L security/Makefile -u -r1.77 -r1.78
--- security/Makefile
+++ security/Makefile
@@ -81,6 +81,7 @@
     SUBDIR += vlock
     SUBDIR += vlog
     SUBDIR += vnccrack
+    SUBDIR += vpnc
     SUBDIR += webfwlog
     SUBDIR += wipe
     SUBDIR += wpa_supplicant
--- /dev/null
+++ security/vpnc/files/patch-config.c
@@ -0,0 +1,65 @@
+--- config.c.orig	2008-03-06 17:03:57.000000000 +0100
++++ config.c	2008-03-06 17:14:29.000000000 +0100
+@@ -257,17 +257,36 @@
+ 
+ static const char *config_def_app_version(void)
+ {
+-	struct utsname uts;
+-	char *version;
++        char *version;
++#ifndef CISCO_PATCH_VERSION
++        struct utsname uts;
+ 
+-	uname(&uts);
+-	asprintf(&version, "Cisco Systems VPN Client %s:%s", VERSION, uts.sysname);
+-	return version;
++        uname(&uts);
++#endif
++
++#ifdef CISCO_PATCH_VERSION
++        /*
++         * Raffaele De Lorenzo March 2008
++         * Some Cisco Concentrator refuse connection if the Presentation Version
++         * String is not the same like Official "Cisco VPN Client". This patch
++         * masked the version to "Cisco Systems VPN Client 4.8.00 (0490):Linux",
++         */
++#define CISCO_CONC_PRESENT_VERSION      "Cisco Systems VPN Client 4.8.00 (0490):Linux"
++#endif
++
++        asprintf(&version,
++#ifdef CISCO_PATCH_VERSION
++                CISCO_CONC_PRESENT_VERSION
++#else
++                "Cisco Systems VPN Client %s:%s", VERSION, uts.sysname
++#endif
++                );
++        return version;
+ }
+ 
+ static const char *config_def_script(void)
+ {
+-	return "/etc/vpnc/vpnc-script";
++	return "%%PREFIX%%/sbin/vpnc-script";
+ }
+ 
+ static const char *config_def_pid_file(void)
+@@ -538,7 +557,7 @@
+ {
+ 	char *realname;
+ 	
+-	asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "/etc/vpnc/", name, add_dot_conf ? ".conf" : "");
++	asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "%%PREFIX%%/etc/vpnc/", name, add_dot_conf ? ".conf" : "");
+ 	return realname;
+ }
+ 
+@@ -757,8 +776,8 @@
+ 	}
+ 	
+ 	if (!got_conffile) {
+-		read_config_file("/etc/vpnc/default.conf", config, 1);
+-		read_config_file("/etc/vpnc.conf", config, 1);
++		read_config_file("%%PREFIX%%/etc/vpnc/default.conf", config, 1);
++		read_config_file("%%PREFIX%%/etc/vpnc.conf", config, 1);
+ 	}
+ 	
+ 	if (!print_config) {
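Review bot: In the CISCO_PATCH_VERSION branch of config_def_app_version, `CISCO_CONC_PRESENT_VERSION` is passed to asprintf() as the format string itself, so any `%` added by a later edit of that define would be interpreted as a conversion. Passing it as data keeps the format constant: `asprintf(&version, "%s", CISCO_CONC_PRESENT_VERSION);`. The result of asprintf() is also ignored in both branches, as it was in the removed code, which leaves `version` undefined if the allocation fails; checking the return value before `return version;` would make that failure explicit.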
--- /dev/null
+++ security/vpnc/files/patch-Makefile
@@ -0,0 +1,42 @@
+--- Makefile.orig	2007-09-06 22:05:15.000000000 +0200
++++ Makefile	2008-02-29 21:58:37.000000000 +0100
+@@ -20,14 +20,14 @@
+ # $Id: Makefile 236 2007-09-05 20:40:59Z Joerg Mayer $
+ 
+ DESTDIR=
+-PREFIX=/usr/local
+-ETCDIR=/etc/vpnc
++PREFIX?=/usr/local
++ETCDIR=$(PREFIX)/etc/
+ BINDIR=$(PREFIX)/bin
+ SBINDIR=$(PREFIX)/sbin
+ MANDIR=$(PREFIX)/share/man
+ 
+ SRCS = sysdep.c vpnc-debug.c isakmp-pkt.c tunip.c config.c dh.c math_group.c supp.c
+-BINS = vpnc cisco-decrypt
++BINS += vpnc
+ OBJS = $(addsuffix .o,$(basename $(SRCS)))
+ BINOBJS = $(addsuffix .o,$(BINS))
+ BINSRCS = $(addsuffix .c,$(BINS))
+@@ -49,9 +49,9 @@
+ #OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
+ #OPENSSLLIBS = -lcrypto
+ 
+-CC=gcc
+-CFLAGS ?= -O3 -g
+-CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings
++CC?=gcc
++#CFLAGS ?= -O3 -g
++#CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings
+ CFLAGS +=  $(shell libgcrypt-config --cflags)
+ CPPFLAGS += -DVERSION=\"$(VERSION)\" $(OPENSSL_GPL_VIOLATION)
+ LDFLAGS ?= -g
+@@ -74,7 +74,7 @@
+ 	./makeman.pl
+ 
+ cisco-decrypt : cisco-decrypt.o config.o supp.o sysdep.o vpnc-debug.o
+-	$(CC) -o $@ $^ $(LDFLAGS)
++	$(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
+ 
+ .depend: $(SRCS) $(BINSRCS)
+ 	$(CC) -MM $(SRCS) $(BINSRCS) $(CFLAGS) $(CPPFLAGS) > $@
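Review bot: Commenting out `CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings` along with the `-O3 -g` default removes the upstream compiler warnings from the build of a network-facing client, although only the optimisation default conflicts with the port's own CFLAGS. Leaving that `CFLAGS +=` line active would keep the diagnostics while still honouring the CFLAGS passed in through MAKE_ENV. In the first hunk, `ETCDIR=$(PREFIX)/etc/` also no longer matches the `%%PREFIX%%/etc/vpnc/` directory that patch-config.c uses for named configs. Since the port supplies its own do-install this looks harmless, but the two paths should be aligned or the difference noted in a comment.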
--- /dev/null
+++ security/vpnc/files/patch-vpnc-script
@@ -0,0 +1,13 @@
+--- vpnc-script.orig	2008-02-26 00:42:09.000000000 +0100
++++ vpnc-script	2008-02-26 00:43:41.000000000 +0100
+@@ -56,8 +56,8 @@
+ 		;;
+ esac
+ 
+-DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute
+-RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup
++DEFAULT_ROUTE_FILE=/var/run/vpnc.defaultroute
++RESOLV_CONF_BACKUP=/var/run/vpnc.resolv.conf-backup
+ FULL_SCRIPTNAME=/usr/local/sbin/vpnc
+ SCRIPTNAME=`basename $FULL_SCRIPTNAME`
+ 
--- /dev/null
+++ security/vpnc/files/vpnc.in
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# Author:	kamikaze
+# Contact:	kamikaze at bsdforen.de
+#
+# If vpnc_conf is defined, it will be treated as a list of configuration files
+# in vpnc_conf_dir. This managed mode is useful where where vpnc tunnels have
+# to be established through other vpnc tunnels.
+# You can pass further command line options to vpnc by specifying
+# them in vpnc_flags.
+#
+
+# PROVIDE: vpnc
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+
+# Default settings - don't change this.
+: ${vpnc_enable="NO"}
+: ${vpnc_pid_dir="/var/run"}
+: ${vpnc_pid_file="vpnc/pid"}
+: ${vpnc_conf_dir="%%PREFIX%%/etc"}
+: ${vpnc_record="$vpnc_pid_dir/vpnc.record"}
+
+. %%RC_SUBR%%
+
+name="vpnc"
+rcvar=`set_rcvar`
+
+command="%%PREFIX%%/sbin/$name"
+
+vpnc_start() {
+	if [ -z "$vpnc_conf" ]; then
+		#No configuration files given, run unmanaged.
+		$command $vpnc_flags
+		return $?
+	fi
+
+	# A list of configurations is present. Connect managing
+	# what is required for a clean shutdown later.
+
+	for config in $vpnc_conf; do
+
+		# The current configuration file.
+		current="$vpnc_conf_dir/$config"
+
+		# Start vpnc.
+		if ! $command --local-port 0 $current $vpnc_flags; then
+			status=$?
+			# VPNC does not print a newline after an error.
+			echo
+			echo "Running 'vpnc $current --local-port 0 $vpnc_flags' failed."
+			return $status
+		fi
+
+		# Wait for the system to catch up.
+		/bin/sleep 1
+
+		# Copy files to allow a clean shutdown
+		# of multiple connections.
+
+		/bin/cp "$vpnc_pid_dir/$vpnc_pid_file" "$vpnc_pid_dir/vpnc.$config.pid"
+		/bin/cp "$vpnc_pid_dir/vpnc.defaultroute" "$vpnc_pid_dir/vpnc.$config.defaultroute" 2> /dev/null
+		/bin/cp "$vpnc_pid_dir/vpnc.resolv.conf-backup" "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" 2> /dev/null
+		echo "$config" >> "$vpnc_record"
+	done
+}
+
+vpnc_stop() {
+	if [ ! -e "$vpnc_record" ]; then
+		/bin/sleep 1
+		# There's no record of connections, assume unmanaged shutdown.
+		$command-disconnect
+		return $?
+	fi
+
+	# A record of vpnc connections is present. Attempt a
+	# managed shutdown.
+
+	for config in `/usr/bin/tail -r "$vpnc_record"`; do
+
+		# Wait to give the system a chance to catch up with
+		# recent changes.
+
+		/bin/sleep 1
+
+		# Move the vpnc files back into position.
+
+		/bin/mv "$vpnc_pid_dir/vpnc.$config.pid" "$vpnc_pid_dir/$vpnc_pid_file"
+		/bin/mv "$vpnc_pid_dir/vpnc.$config.defaultroute" "$vpnc_pid_dir/vpnc.defaultroute" 2> /dev/null
+		/bin/mv "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" "$vpnc_pid_dir/vpnc.resolv.conf-backup" 2> /dev/null
+
+		# Run the disconnect command.
+		$command-disconnect
+	done
+
+	# Remove the connection record.
+
+	/bin/rm "$vpnc_record"
+}
+
+start_cmd=vpnc_start
+stop_cmd=vpnc_stop
+
+load_rc_config $name
+run_rc_command "$1"
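Review bot: In vpnc_start, `status=$?` inside `if ! $command ...; then` captures the status of the negated command, which is 0 whenever vpnc failed, so the function prints the failure message and then returns success to rc.subr. Run the command first and test the saved status: `$command --local-port 0 "$current" $vpnc_flags`, then `status=$?`, then `if [ $status -ne 0 ]; then`. Quoting `$current` there also keeps a config name containing whitespace from being split into extra vpnc arguments. The header comment contains a duplicated word (`where where`).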

