Date: Mon, 25 Oct 2021 10:33:53 GMT From: Philip Paeps <philip@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 7c6c750a793c - 2021Q4 - net/fort: new port: FORT Validator Message-ID: <202110251033.19PAXrhs033244@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2021Q4 has been updated by philip: URL: https://cgit.FreeBSD.org/ports/commit/?id=7c6c750a793c21ac10c5ce3cb33f61bc0f8aaa4e commit 7c6c750a793c21ac10c5ce3cb33f61bc0f8aaa4e Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2021-10-22 05:53:47 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2021-10-25 10:32:37 +0000 net/fort: new port: FORT Validator FORT Validator is an open source RPKI validator. This solution allows operators to validate BGP routing information against the RPKI repository for use in router configuration and resolution. Submitted by: Toni Kalombo <toni@devboks.com> (maintainer) Tested by: Mark Tinka <mark@tinka.africa> (cherry picked from commit a679f9da38655155d6293ba194ce140f7531609c) --- net/Makefile | 1 + net/fort/Makefile | 41 +++++++++++++++++++++++++++++++ net/fort/distinfo | 3 +++ net/fort/files/fort.in | 47 ++++++++++++++++++++++++++++++++++++ net/fort/files/patch-src_Makefile.am | 11 +++++++++ net/fort/files/pkg-message.in | 25 +++++++++++++++++++ net/fort/pkg-descr | 7 ++++++ net/fort/pkg-plist | 5 ++++ 8 files changed, 140 insertions(+) diff --git a/net/Makefile b/net/Makefile index d5df5e4db1d6..449ad8cc492e 100644 --- a/net/Makefile +++ b/net/Makefile @@ -155,6 +155,7 @@ SUBDIR += findomain SUBDIR += flower SUBDIR += foreman-proxy + SUBDIR += fort SUBDIR += fpc-ldap SUBDIR += fpc-libenet SUBDIR += fpc-pcap diff --git a/net/fort/Makefile b/net/fort/Makefile new file mode 100644 index 000000000000..dd163a3ca597 --- /dev/null +++ b/net/fort/Makefile @@ -0,0 +1,41 @@ +PORTNAME= fort +DISTVERSION= 1.5.2 +CATEGORIES= net + +MAINTAINER= toni@devboks.com +COMMENT= FORT Validator is an open source RPKI validator + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +LIB_DEPENDS= libcurl.so:ftp/curl libjansson.so:devel/jansson \ + libxml2.so:textproc/libxml2 +RUN_DEPENDS= ${LOCALBASE}/bin/rsync:net/rsync + +USES= autoreconf pkgconfig ssl +USE_GCC= yes +USE_GITHUB= yes +USE_RC_SUBR= fort + +GH_ACCOUNT= NICMx +GH_PROJECT= FORT-validator + +GNU_CONFIGURE= yes + +SUB_FILES= pkg-message + +post-patch: + @${REINPLACE_CMD} -e "s|/tmp/fort|${ETCDIR}|" \ + ${WRKSRC}/examples/config.json + @${REINPLACE_CMD} -e "s|/usr/local/ssl|/etc/ssl|" \ + ${WRKSRC}/examples/config.json + @${REINPLACE_CMD} -e "s|rsync\",|${LOCALBASE}/bin/rsync\",|" \ + ${WRKSRC}/examples/config.json + @${REINPLACE_CMD} -e "/\"daemon\": false,/d" \ + ${WRKSRC}/examples/config.json +post-install: + @${MKDIR} ${STAGEDIR}${ETCDIR}/repository ${STAGEDIR}${ETCDIR}/tal + ${INSTALL_DATA} ${WRKSRC}/examples/config.json \ + ${STAGEDIR}${ETCDIR}/fort-config.json.sample + +.include <bsd.port.mk> diff --git a/net/fort/distinfo b/net/fort/distinfo new file mode 100644 index 000000000000..9a35cf2481e2 --- /dev/null +++ b/net/fort/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1634812159 +SHA256 (NICMx-FORT-validator-1.5.2_GH0.tar.gz) = c49b7badcf6dae05b7c9ae9cb3b1514d2b742d868b83f8b8deb0d7ae0a3e6bf2 +SIZE (NICMx-FORT-validator-1.5.2_GH0.tar.gz) = 482094 diff --git a/net/fort/files/fort.in b/net/fort/files/fort.in new file mode 100644 index 000000000000..57350ee26020 --- /dev/null +++ b/net/fort/files/fort.in @@ -0,0 +1,47 @@ +#!/bin/sh + +# PROVIDE: fort +# REQUIRE: DAEMON fort +# BEFORE: LOGIN +# KEYWORD: shutdown + +# Define fort_enable in /etc/rc.conf[.local] to enable it. +# +# fort_enable (bool): Set to "NO" by default. +# Set it to "YES" to enable fort. + +. /etc/rc.subr + +name="fort" +rcvar=fort_enable +start_precmd=check_init +command="%%PREFIX%%/bin/${name}" + +load_rc_config $name +: ${fort_enable="NO"} +: ${wrkdir:="%%ETCDIR%%"} + + +fort_config=${fort_conf:-"%%ETCDIR%%/fort-config.json"} +required_file=${fort_config} +command_args="--configuration-file=${fort_config} --daemon=true" + +check_init() { + if [ ! -d ${wrkdir}/tal ]; then + echo + echo -n "Need to initialize fort with tals, " + echo "see man fort" + echo + exit 1 + fi + if [ ! -f ${fort_config} ]; then + echo + echo -n "Configuration file not found at ${fort_config} " + echo "Please create one before starting Fort, " + echo "see man fort" + echo + exit 1 + fi +} + +run_rc_command "$1" diff --git a/net/fort/files/patch-src_Makefile.am b/net/fort/files/patch-src_Makefile.am new file mode 100644 index 000000000000..7455183d1f5b --- /dev/null +++ b/net/fort/files/patch-src_Makefile.am @@ -0,0 +1,11 @@ +--- src/Makefile.am.orig 2021-09-20 02:51:17 UTC ++++ src/Makefile.am +@@ -130,7 +130,7 @@ fort_SOURCES += $(ASN_MODULE_SRCS) $(ASN_MODULE_HDRS) + fort_CFLAGS = -Wall -Wno-cpp -Wpedantic + # Feel free to temporarily remove this one if you're not using gcc 7.3.0. + #fort_CFLAGS += $(GCC_WARNS) +-fort_CFLAGS += -std=gnu11 -O2 -g $(FORT_FLAGS) ${XML2_CFLAGS} ++fort_CFLAGS += -std=gnu11 -O2 -g $(FORT_FLAGS) ${XML2_CFLAGS} ${JANSSON_CFLAGS} + fort_LDFLAGS = $(LDFLAGS_DEBUG) + fort_LDADD = ${JANSSON_LIBS} ${CURL_LIBS} ${XML2_LIBS} + diff --git a/net/fort/files/pkg-message.in b/net/fort/files/pkg-message.in new file mode 100644 index 000000000000..f9994a632db0 --- /dev/null +++ b/net/fort/files/pkg-message.in @@ -0,0 +1,25 @@ +[ +{ type: install + message: <<EOM +A default configuration file has been installed in +%%ETCDIR%%/fort-config.json.sample. + +To use FORT, you will need the Trust Anchor Locator (TAL) files. +You can download these by running "fort --init-tals" as follows: + +# fort --init-tals --tal %%ETCDIR%%/tal + +When you have downloaded the TAL files, you can start the RTR +server and validator: + +# sysrc fort_enable=YES # or edit /etc/rc.conf manually +# service fort start + +The default configuration will bind the RTR server to localhost +on port 8323. + +Consult the FORT manual for more information: +https://nicmx.github.io/FORT-validator/run.html +EOM +} +] diff --git a/net/fort/pkg-descr b/net/fort/pkg-descr new file mode 100644 index 000000000000..8bf7a5d2318f --- /dev/null +++ b/net/fort/pkg-descr @@ -0,0 +1,7 @@ +FORT validator is an MIT-licensed RPKI Relying Party, this is a tool offered as +part of the FORT project. It is a solution that allows operators to validate BGP +routing information against the RPKI repository for use in router configuration +and resolution. The service performs the validation of the entire RPKI +repository, and which serves the resulting ROAs for easy access by your routers. + +WWW: https://fortproject.net/en/validator diff --git a/net/fort/pkg-plist b/net/fort/pkg-plist new file mode 100644 index 000000000000..59996756b0fa --- /dev/null +++ b/net/fort/pkg-plist @@ -0,0 +1,5 @@ +bin/fort +man/man8/fort.8.gz +@dir %%ETCDIR%%/repository +@dir %%ETCDIR%%/tal +@sample %%ETCDIR%%/fort-config.json.sample
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110251033.19PAXrhs033244>