From owner-svn-ports-head@freebsd.org Mon Sep 30 17:06:24 2019 Return-Path: Delivered-To: svn-ports-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4A42812CD52; Mon, 30 Sep 2019 17:06:24 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46hphc1Hcvz4BBD; Mon, 30 Sep 2019 17:06:24 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 10B195D14; Mon, 30 Sep 2019 17:06:24 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x8UH6NdR058996; Mon, 30 Sep 2019 17:06:23 GMT (envelope-from garga@FreeBSD.org) Received: (from garga@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x8UH6N06058995; Mon, 30 Sep 2019 17:06:23 GMT (envelope-from garga@FreeBSD.org) Message-Id: <201909301706.x8UH6N06058995@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: garga set sender to garga@FreeBSD.org using -f From: Renato Botelho Date: Mon, 30 Sep 2019 17:06:23 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r513403 - head/security/strongswan X-SVN-Group: ports-head X-SVN-Commit-Author: garga X-SVN-Commit-Paths: head/security/strongswan X-SVN-Commit-Revision: 513403 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Sep 2019 17:06:24 -0000 Author: garga Date: Mon Sep 30 17:06:23 2019 New Revision: 513403 URL: https://svnweb.freebsd.org/changeset/ports/513403 Log: Add a new option to enable PKCS11 plugin PR: 240684 Approved by: strongswan@Nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Modified: head/security/strongswan/Makefile head/security/strongswan/pkg-plist Modified: head/security/strongswan/Makefile ============================================================================== --- head/security/strongswan/Makefile Mon Sep 30 16:52:24 2019 (r513402) +++ head/security/strongswan/Makefile Mon Sep 30 17:06:23 2019 (r513403) @@ -41,8 +41,9 @@ CONFIGURE_ARGS= --enable-kernel-pfkey \ --with-lib-prefix=${PREFIX} OPTIONS_DEFINE= CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE GCM IKEV1 \ - IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MEDIATION MYSQL PKI SCEP SMP \ - SQLITE SWANCTL TESTVECTOR TPM UNBOUND UNITY VICI XAUTH + IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MEDIATION MYSQL PKI \ + PKCS11 SCEP SMP SQLITE SWANCTL TESTVECTOR TPM UNBOUND UNITY \ + VICI XAUTH OPTIONS_DEFINE_i386= VIA OPTIONS_DEFAULT= BUILTIN CURL IKEV1 PKI SWANCTL VICI OPTIONS_SINGLE= PRINTF_HOOKS @@ -50,6 +51,7 @@ OPTIONS_SINGLE_PRINTF_HOOKS= BUILTIN LIBC VSTR OPTIONS_SUB= yes # Description of options +BUILTIN_DESC= Use builtin printf hooks CURL_DESC= Enable CURL to fetch CRL/OCSP EAPAKA3GPP2_DESC= Enable EAP AKA with 3gpp2 backend EAPDYNAMIC_DESC= Enable EAP dynamic proxy module @@ -59,8 +61,10 @@ GCM_DESC= Enable GCM AEAD wrapper crypto plugin IKEV1_DESC= Enable IKEv1 support IPSECKEY_DESC= Enable authentication with IPSECKEY resource records with DNSSEC KERNELLIBIPSEC_DESC= Enable IPSec userland backend +LIBC_DESC= Use libc printf hooks LOADTESTER_DESC= Enable load testing plugin MEDIATION_DESC= Enable IKEv2 Mediation Extension +PKCS11_DESC= Enable PKCS11 token support PKI_DESC= Enable PKI tools SCEP_DESC= Enable Simple Certificate Enrollment Protocol SMP_DESC= Enable XML-based management protocol (DEPRECATED) @@ -69,14 +73,13 @@ TESTVECTOR_DESC= Enable crypto test vectors TPM_DESC= Enable TPM plugin UNBOUND_DESC= Enable DNSSEC-enabled resolver UNITY_DESC= Enable Cisco Unity extension plugin +VIA_DESC= Enable VIA Padlock support VICI_DESC= Enable VICI management protocol -XAUTH_DESC= Enable XAuth password verification -BUILTIN_DESC= Use builtin printf hooks -LIBC_DESC= Use libc printf hooks VSTR_DESC= Use devel/vstr printf hooks -VIA_DESC= Enable VIA Padlock support +XAUTH_DESC= Enable XAuth password verification # Extra options +BUILTIN_CONFIGURE_ON= --with-printf-hooks=builtin CURL_CONFIGURE_ON= --enable-curl CURL_LIB_DEPENDS= libcurl.so:ftp/curl EAPAKA3GPP2_CONFIGURE_ON= --enable-eap-aka --enable-eap-aka-3gpp2 @@ -88,16 +91,18 @@ GCM_CONFIGURE_ON= --enable-gcm IKEV1_CONFIGURE_OFF= --disable-ikev1 IPSECKEY_CONFIGURE_ON= --enable-ipseckey KERNELLIBIPSEC_CONFIGURE_ON= --enable-kernel-libipsec -LOADTESTER_CONFIGURE_ON=--enable-load-tester LDAP_CONFIGURE_ON= --enable-ldap LDAP_USE= OPENLDAP=yes +LIBC_CONFIGURE_ON= --with-printf-hooks=glibc +LOADTESTER_CONFIGURE_ON=--enable-load-tester MEDIATION_CONFIGURE_ON= --enable-mediation MYSQL_CONFIGURE_ON= --enable-mysql MYSQL_USES= mysql +PKCS11_CONFIGURE_ON= --enable-pkcs11 PKI_CONFIGURE_OFF= --disable-pki SCEP_CONFIGURE_OFF= --disable-scepclient -SMP_LIB_DEPENDS= libxml2.so:textproc/libxml2 SMP_CONFIGURE_ON= --enable-smp +SMP_LIB_DEPENDS= libxml2.so:textproc/libxml2 SQLITE_CONFIGURE_ON= --enable-sqlite SQLITE_LIB_DEPENDS= libsqlite3.so:databases/sqlite3 SWANCTL_CONFIGURE_ON= --enable-swanctl @@ -108,15 +113,13 @@ UNBOUND_CONFIGURE_ON= --enable-unbound UNBOUND_LIB_DEPENDS= libunbound.so:dns/unbound \ libldns.so:dns/ldns UNITY_CONFIGURE_ON= --enable-unity +VIA_CONFIGURE_ON= --enable-padlock VICI_CONFIGURE_ON= --enable-vici +VSTR_CONFIGURE_ON= --with-printf-hooks=vstr +VSTR_LIB_DEPENDS= libvstr.so:devel/vstr XAUTH_CONFIGURE_ON= --enable-xauth-eap \ --enable-xauth-generic \ --enable-xauth-pam -BUILTIN_CONFIGURE_ON= --with-printf-hooks=builtin -LIBC_CONFIGURE_ON= --with-printf-hooks=glibc -VSTR_CONFIGURE_ON= --with-printf-hooks=vstr -VSTR_LIB_DEPENDS= libvstr.so:devel/vstr -VIA_CONFIGURE_ON= --enable-padlock .include Modified: head/security/strongswan/pkg-plist ============================================================================== --- head/security/strongswan/pkg-plist Mon Sep 30 16:52:24 2019 (r513402) +++ head/security/strongswan/pkg-plist Mon Sep 30 17:06:23 2019 (r513403) @@ -48,6 +48,7 @@ @sample %%ETCDIR%%.d/charon/pem.conf.sample @sample %%ETCDIR%%.d/charon/pgp.conf.sample @sample %%ETCDIR%%.d/charon/pkcs1.conf.sample +%%PKCS11%%@sample %%ETCDIR%%.d/charon/pkcs11.conf.sample @sample %%ETCDIR%%.d/charon/pkcs12.conf.sample @sample %%ETCDIR%%.d/charon/pkcs7.conf.sample @sample %%ETCDIR%%.d/charon/pkcs8.conf.sample @@ -201,6 +202,8 @@ lib/ipsec/plugins/libstrongswan-pgp.la lib/ipsec/plugins/libstrongswan-pgp.so lib/ipsec/plugins/libstrongswan-pkcs1.la lib/ipsec/plugins/libstrongswan-pkcs1.so +%%PKCS11%%lib/ipsec/plugins/libstrongswan-pkcs11.la +%%PKCS11%%lib/ipsec/plugins/libstrongswan-pkcs11.so lib/ipsec/plugins/libstrongswan-pkcs12.la lib/ipsec/plugins/libstrongswan-pkcs12.so lib/ipsec/plugins/libstrongswan-pkcs7.la @@ -333,6 +336,7 @@ sbin/ipsec %%DATADIR%%/templates/config/plugins/pem.conf %%DATADIR%%/templates/config/plugins/pgp.conf %%DATADIR%%/templates/config/plugins/pkcs1.conf +%%PKCS11%%%%DATADIR%%/templates/config/plugins/pkcs11.conf %%DATADIR%%/templates/config/plugins/pkcs12.conf %%DATADIR%%/templates/config/plugins/pkcs7.conf %%DATADIR%%/templates/config/plugins/pkcs8.conf