From owner-freebsd-ports-bugs@FreeBSD.ORG Thu May 13 16:20:18 2004
Message-Id: <200405132311.i4DNBnvA017704@zel726.zel.kfa-juelich.de>
Date: Fri, 14 May 2004 01:11:49 +0200 (CEST)
From: Christian Lackas
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: ports/66624: [maintainer-update] security/vpnc update to new version
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Christian Lackas
List-Id: Ports bug reports
X-List-Received-Date: Thu, 13 May 2004 23:20:18 -0000

>Number: 66624
>Category: ports
>Synopsis: [maintainer-update] security/vpnc update to new version
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu May 13 16:20:14 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator: Christian Lackas
>Release: FreeBSD 5.2.1-RELEASE-p5 i386
>Organization: Troja Incorporated
>Environment:
System: FreeBSD zel726.zel.kfa-juelich.de 5.2.1-RELEASE-p5 FreeBSD 5.2.1-RELEASE-p5 #7: Thu May 13 16:24:06 CEST 2004 root@zel726.zel.kfa-juelich.de:/usr/obj/usr/src/sys/KERNEL.ZEL726 i386
>Description:
- update to vpnc-0.2-rm+zomb.1.tar.gz Thu May 13 23:34:09 CEST 2004
- updated man-page
>How-To-Repeat:
>Fix:
cd /usr/ports/security && patch -p0 " +- Your group name in ++Your group name in + + .IP "\-\-username " +- Your username ++Your username + + .IP "\-\-script " +- The specified here is executed when the connection has been +- established, in order to configure the interface, routing and so on. +- Device name, IP, etc. are passed using enviroment variables, see +- README. This script is executed right after ISAKMP is done, but befor +- tunneling is enabled. Some environment variables are set and can be +- used for the detail configuration. 
Default command: ifconfig $TUNDEV +- inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask +- 255.255.255.255 mtu 1412 up ++The specified here is executed when the connection has been ++established, in order to configure the interface, routing and so on. ++Device name, IP, etc. are passed using enviroment variables, see ++README. This script is executed right after ISAKMP is done, but befor ++tunneling is enabled. Some environment variables (namely TUNDEV and VPNGATEWAY) ++are set and can be used for the detail configuration. Default command: ifconfig ++$TUNDEV inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask ++255.255.255.255 mtu 1412 up. + + .IP "\-\-domain " +- Domain name for authentication, sometimes needed for authentification +- against Windows NT domains. ++Domain name for authentication, sometimes needed for authentification ++against Windows NT domains. + + .IP "\-\-dh " +- Name of the IKE DH Group (default: dh2) ++Name of the IKE DH Group (default: dh2). + + .IP "\-\-pfs " +- Diffie-Hellman group to use for PFS, one of nopfs, dh1, dh2, dh5 or +- server (default: server). ++Diffie-Hellman group to use for PFS, one of nopfs, dh1, dh2, dh5 or ++server (default: server). + + .IP "\-\-enable\-1des" +- Enables weak Single DES encryption ++Enables weak Single DES encryption. + + .IP "\-\-application\-version " +- Application Version to report to the server when identifying ourself +- (default: Cisco Systems VPN Client ) ++Application Version to report to the server when identifying ourself ++(default: Cisco Systems VPN Client ). + + .IP "\-\-ifname " +- The virtual name of the Linux network interface assigned to the tunnel +- endpoint ++The virtual name of the network interface assigned to the tunnel ++endpoint (default: first available tunX). + + .IP "\-\-debug <0/1/2/3/99>" +- Show verbose debug messages with different verbosity levels ++Show verbose debug messages with different verbosity levels. 
+ + .IP "\-\-no\-detach" +- Don't detach from the console (go to background) after login ++Don't detach from the console (go to background) after login. + + .IP "\-\-pid\-file " +- Store the pid of background process in a file ++Store the pid of background process in a file. + + .IP "\-\-local-port <0-65535>" +- Local ISAKMP port number to use (0 == use random port, 500 is default) ++Local ISAKMP port number to use (0 == use random port, 500 is default). + + .IP "\-\-non-inter" +- Don't ask anything, exit on missing options ++Don't ask anything, exit on missing options. + + .IP "\-\-print\-config" +- Prints your configuration; output can be used as vpnc.conf ++Prints your configuration; output can be used as vpnc.conf. + + .SH FILES +-.I /etc/vpnc.conf ++.I %%PREFIX%%/etc/vpnc.conf + .RS + The default configuration file. You can specify the same config +-directives as with command line options and additionaly ++directives as with command line options and additionaly. + .B IPSec secret + and + .B Xauth password +@@ -175,7 +163,7 @@ + for further details. + .RE + +-.I /etc/vpnc/*.conf ++.I %%PREFIX%%/etc/vpnc/*.conf + .RS + The vpnc\-connect will read configuration files in this directory when + the config script name (without .conf) is specified on the command line. +@@ -234,8 +222,8 @@ + On Debian systems, the complete text of the GNU General Public + License can be found in /usr/share/common\-licenses/GPL. + .SH "SEE ALSO" +-.BR ip (8), +-.BR ifconfig (8), +-.BR route (1), ++.BR tun(4), ++.BR ifconfig(8), ++.BR route(8), + .BR http://www.unix\-ag.uni\-kl.de/~massar/vpnc/ +- ++.BR %%PREFIX%%/etc/rc.d/vpnc.sh.sample-fulltunnel diff -urN /usr/ports/security/vpnc/files/patch-vpnc.c vpnc/files/patch-vpnc.c --- /usr/ports/security/vpnc/files/patch-vpnc.c Wed May 5 11:44:39 2004 +++ vpnc/files/patch-vpnc.c Fri May 14 00:51:04 2004 
@@ -1,27 +1,5 @@ --- vpnc.c.dist Mon May 3 14:13:05 2004 +++ vpnc.c Mon May 3 14:13:41 2004 -@@ -1527,10 +1527,10 @@ - reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED; - break; - } -- strbuf = xallocc(a->u.lots.length)+1; -+ strbuf = xallocc(a->u.lots.length+1); - memcpy(strbuf, a->u.lots.data, a->u.lots.length); - addenv("CISCO_DEF_DOMAIN", strbuf); -- /*free(strbuf); free(): invalid pointer 0x80593f9! FIXME */ -+ free(strbuf); - break; - - case ISAKMP_MODECFG_ATTRIB_CISCO_BANNER: -@@ -1538,7 +1538,7 @@ - reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED; - break; - } -- strbuf = xallocc(a->u.lots.length)+1; -+ strbuf = xallocc(a->u.lots.length+1); - memcpy(strbuf, a->u.lots.data, a->u.lots.length); - addenv("CISCO_BANNER", strbuf); - free(strbuf); @@ -2162,8 +2162,8 @@ else read_config_file (argv[i], config, 0); diff -urN /usr/ports/security/vpnc/files/vpnc.8 vpnc/files/vpnc.8 --- /usr/ports/security/vpnc/files/vpnc.8 Fri Jan 30 14:34:26 2004 +++ vpnc/files/vpnc.8 Thu Jan 1 01:00:00 1970 
@@ -1,135 +0,0 @@ -.\" Process this file with -.\" groff -man -Tascii vpnc.8 -.\" -.TH VPNC 8 "December 2003" FreeBSD "vpnc" -.SH NAME -vpnc \- Client for Cisco 3000 VPN Concentrator -.SH SYNOPSIS -.B vpnc [ --gateway -.I IP-or-hostname -.B ] [ --id -.I IPSec group Id -.B ] [ --username -.I name -.B ] [ --ifname -.I name -.B ] [ --local-port -.I port number -.B ] [ --pid-file -.I filename -.B ] [ --dh -.I IKE DH group -.B ] [ --pfs -.I PFS group -.B ] [ --non-inter ] [ --debug ] [ --no-detach ] [ --print-config ] -.SH DESCRIPTION -.B vpnc -is a VPN client for the Cisco 3000 VPN Concentrator, -creating a IPSec-like connection as a tunneling -network device for the local system. It uses the -TUN/TAP driver in Linux kernel 2.4 and above and -device -.BR tun (4) -on BSD. It runs completely in user space. - -The vpnc daemon by it self does not set any routes. The user -has to do it on its own, e.g. for a full tunnel under FreeBSD - -.RS -.PD 0 -route add -host VPNGATEWAY ROUTER -.P -route delete default -.P -route add default -interface tun0 -.PD -.RE -.SH CONFIGURATION -The daemon reads configuration data from the following places: -.PD 0 -.IP "- command line options" -.IP "- config file(s) specified on the command line" -.IP "- PREFIX/etc/vpnc.conf" -.IP "- prompting the user if not found above" -.PD -.SH OPTIONS -.IP "--gateway IP-or-hostname" -IP address or hostname of the VPN gateway -.IP "--id IPSec group Id" -ID of the IPSec group -.IP "--username name" -your user credentials -.IP "--ifname name" -name of the tun-interface to use -.IP "--local-port port number" -use this port for the connection <0-65535> to allow multiple instances of vpnc -running, use 0 a for -.I random -port -.IP "--pid-file filename" -store the pid of background process there -.IP "--dh IKE DH group" -name of the IKE DH Group -.IP "--pfs PFS group" -Perfect Forward Secrecy -.IP "--non-inter" -non interactive mode, don't ask any questions -.IP "--debug nr" -set debugging level: none(0), 
basic(1), control flow(2), packet dump(3), -include username/password(99) -.IP "--no-detach" -do not send daemon to background -.IP "--print-config" -prints your configuration; output can be used as vpnc.conf - -.SH FILES -.I PREFIX/etc/vpnc.conf -.RS -The default configuration file. See -.BR EXAMPLES -for further details. -.RE - -.SH EXAMPLES -This is an example vpnc.conf: - -.RS -.PD 0 -IKE DH Group dh2 -.P -Perfect Forward Secrecy nopfs -.P -IPSec gateway vpn.rwth-aachen.de -.P -IPSec ID MoPS -.P -IPSec secret mopsWLAN -.P -Xauth username abcdef -.P -Xauth password 123456 -.PD -.RE - -The values start exactly one space after the keywords, and run to the end of -line. This lets you put any kind of weird character (except EOL and NUL) in -your strings, but it does mean you can't add comments after a string, or spaces -before them. - -See also the -.B --print-config -option to generate a config file. - -.SH TODO -Re-keying is no implemented yet (default rekey-intervall is 8 hours). - -.SH AUTHOR -This man-page has been written by Christian Lackas , -based on the Debian man-page -by Eduard Bloch and the vpnc README by -Maurice Massar - -.SH "SEE ALSO" -.BR tun (4), -.BR route (1), -.BR http://www.unix-ag.uni-kl.de/~massar/vpnc/ -- http://www.couven95.de/ http://www.lackas.net/ http://www.lackas.com/ >Release-Note: >Audit-Trail: >Unformatted:
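Review bot: The period added after `additionaly` in the FILES text of the first man-page hunk splits a sentence in two. The added line `directives as with command line options and additionaly.` is followed by the unchanged lines `.B IPSec secret`, `and`, `.B Xauth password`, which continue the same sentence, so the full stop should be dropped there. Since the option descriptions are being re-wrapped in this hunk anyway, the misspellings carried over into the added lines (`enviroment`, `befor`, `authentification`, `additionaly`) could be corrected in the same pass.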
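Review bot: The new SEE ALSO entries in the `@@ -234,8 +222,8 @@` man-page hunk lack the space before the section number: `.BR tun(4),`, `.BR ifconfig(8),` and `.BR route(8),` each pass a single argument to `.BR`, so the whole reference is set in bold instead of a bold name with a roman section. The lines being replaced (`.BR ip (8),`) and the old files/vpnc.8 removed further down (`.BR tun (4),`) both use the `name (section)` form; suggest `.BR tun (4),` and likewise for the other two. The added last line, `.BR %%PREFIX%%/etc/rc.d/vpnc.sh.sample-fulltunnel`, is a file path rather than a manual reference and would fit better under FILES with `.I`, as the other `%%PREFIX%%` paths in this patch are.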
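Review bot: Please confirm that the new distfile already contains the corrected allocation before the two fixes are dropped from files/patch-vpnc.c (`@@ -1,27 +1,5 @@`); nothing in the PR text says so. The removed hunks changed `strbuf = xallocc(a->u.lots.length)+1;` to `strbuf = xallocc(a->u.lots.length+1);` for both CISCO_DEF_DOMAIN and CISCO_BANNER. With the old form the pointer is advanced by one, so the following `memcpy` of `a->u.lots.length` bytes ends one byte past the requested size and `free(strbuf)` receives a pointer the allocator never returned, which is the "invalid pointer" failure recorded in the removed FIXME comment. Both lengths come from mode-config attributes, so this is worth an explicit line in the description stating that vpnc-0.2-rm+zomb.1 carries the fix. The remaining hunk also keeps the old `vpnc.c.dist Mon May 3` header and the `@@ -2162,8 +2162,8 @@` offsets; regenerating the patch against the new source would show that it still applies cleanly.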