Date: Sat, 8 Nov 2014 02:07:10 -0800 From: John-Mark Gurney <jmg@funkthat.com> To: ports@FreeBSD.org Subject: review of new tcpcrypt port... Message-ID: <20141108100709.GF24601@funkthat.com>
next in thread | raw e-mail | index | archive | help
--FkmkrVfFsRoUs1wW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
I'd like someone to review the attached port for me to commit... It
contains a daemon to run on divert sockets to implement the tcpcrypt
protocol. I have tested this port w/ HEAD and it works fine w/ the
attached patch...
The included patch has been submitted upstream and committed, but a
new release has not yet been released.
portlint -A looks fine.
Thanks.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
--FkmkrVfFsRoUs1wW
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="tcpcrypt.port.patch"
Index: GIDs
===================================================================
--- GIDs (revision 372292)
+++ GIDs (working copy)
@@ -223,6 +223,7 @@
polw:*:825:
statsd:*:826:
netdisco:*:840:
+tcpcryptd:*:841:
munin:*:842:
dahdi:*:843:asterisk
fossy:*:901:www
Index: UIDs
===================================================================
--- UIDs (revision 372292)
+++ UIDs (working copy)
@@ -229,6 +229,7 @@
polw:*:825:825::0:0:Policyd-weight Cache Owner:/nonexistent:/sbin/nologin
statsd:*:826:826::0:0:Statsd Daemon:/nonexistent:/sbin/nologin
netdisco:*:840:840::0:0:netdisco daemon:/nonexistent:/usr/sbin/nologin
+tcpcryptd:*:841:841::0:0:tcpcrypt daemon:/nonexistent:/usr/sbin/nologin
munin:*:842:842::0:0:Munin:/var/munin:/usr/sbin/nologin
fossy:*:901:901::0:0:FOSSology user:/usr/local/share/fossology:/usr/local/bin/bash
scanlogd:*:902:902::0:0:scanlogd user:/nonexistent:/usr/sbin/nologin
Index: security/tcpcrypt/Makefile
===================================================================
--- security/tcpcrypt/Makefile (revision 0)
+++ security/tcpcrypt/Makefile (working copy)
@@ -0,0 +1,27 @@
+# Created by: John-Mark Gurney <jmg@FreeBSD.org>
+# $FreeBSD$
+
+PORTNAME= tcpcrypt
+DISTVERSION= 0.3.rc1
+CATEGORIES= security net
+
+MAINTAINER= jmg@FreeBSD.org
+COMMENT= TCPCrypt userland divert daemon
+
+LICENSE= BSD2CLAUSE
+
+USE_GITHUB= yes
+GH_ACCOUNT= scslab
+GH_TAGNAME= v0.3-rc1
+GH_COMMIT= b110e7e
+
+#WRKSRC_SUBDIR= user
+GNU_CONFIGURE= yes
+USE_LDCONFIG= yes
+USES= autoreconf libtool
+INSTALL_TARGET= install-strip
+
+USERS= tcpcryptd
+GROUPS= tcpcryptd
+
+.include <bsd.port.mk>
Property changes on: security/tcpcrypt/Makefile
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: security/tcpcrypt/distinfo
===================================================================
--- security/tcpcrypt/distinfo (revision 0)
+++ security/tcpcrypt/distinfo (working copy)
@@ -0,0 +1,2 @@
+SHA256 (tcpcrypt-0.3.rc1.tar.gz) = da184da7b702cadeaec670f09e34af8d41be84d81ad253f4d977aaaa576da865
+SIZE (tcpcrypt-0.3.rc1.tar.gz) = 183047
Index: security/tcpcrypt/files/patch-unix.c
===================================================================
--- security/tcpcrypt/files/patch-unix.c (revision 0)
+++ security/tcpcrypt/files/patch-unix.c (working copy)
@@ -0,0 +1,17 @@
+--- src/unix.c.orig 2014-09-10 16:22:26.000000000 -0700
++++ src/unix.c 2014-10-31 23:59:29.000000000 -0700
+@@ -57,7 +57,13 @@
+ s_in.sin_addr = ip->ip_dst;
+ s_in.sin_port = tcp->th_dport;
+
+-#if defined(__FreeBSD__) || defined(__DARWIN_UNIX03)
++#if defined(__FreeBSD__)
++#include <osreldate.h>
++#if __FreeBSD_version < 1000022
++ #define HO_LEN
++#endif
++#endif
++#ifdef __DARWIN_UNIX03
+ #define HO_LEN
+ #endif
+ #ifdef HO_LEN
Property changes on: security/tcpcrypt/files/patch-unix.c
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: security/tcpcrypt/pkg-descr
===================================================================
--- security/tcpcrypt/pkg-descr (revision 0)
+++ security/tcpcrypt/pkg-descr (working copy)
@@ -0,0 +1,12 @@
+Tcpcrypt is a protocol that attempts to encrypt (almost) all of your
+network traffic. Unlike other security mechanisms, Tcpcrypt works out
+of the box: it requires no configuration, no changes to applications,
+and your network connections will continue to work even if the remote
+end does not support Tcpcrypt, in which case connections will
+gracefully fall back to standard clear-text TCP. Install Tcpcrypt and
+you'll feel no difference in your every day user experience, but yet
+your traffic will be more secure and you'll have made life much harder
+for hackers.
+
+WWW: http://www.tcpcrypt.org/
+WWW: https://github.com/sorbo/tcpcrypt
Index: security/tcpcrypt/pkg-plist
===================================================================
--- security/tcpcrypt/pkg-plist (revision 0)
+++ security/tcpcrypt/pkg-plist (working copy)
@@ -0,0 +1,10 @@
+bin/tcnetstat
+bin/tcpcryptd
+include/tcpcrypt/socket_address.h
+include/tcpcrypt/tcpcrypt.h
+lib/libtcpcrypt.a
+lib/libtcpcrypt.so
+lib/libtcpcrypt.so.0
+lib/libtcpcrypt.so.0.0.0
+man/man8/tcnetstat.8.gz
+man/man8/tcpcryptd.8.gz
--FkmkrVfFsRoUs1wW--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141108100709.GF24601>