From owner-svn-ports-all@freebsd.org  Wed Feb 27 06:34:47 2019
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 300311512D34;
 Wed, 27 Feb 2019 06:34:47 +0000 (UTC)
 (envelope-from meta@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id C7BEC8FCB7;
 Wed, 27 Feb 2019 06:34:46 +0000 (UTC)
 (envelope-from meta@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AD55418F42;
 Wed, 27 Feb 2019 06:34:46 +0000 (UTC)
 (envelope-from meta@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x1R6Yk1Q066416;
 Wed, 27 Feb 2019 06:34:46 GMT (envelope-from meta@FreeBSD.org)
Received: (from meta@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x1R6Yipg066405;
 Wed, 27 Feb 2019 06:34:44 GMT (envelope-from meta@FreeBSD.org)
Message-Id: <201902270634.x1R6Yipg066405@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: meta set sender to
 meta@FreeBSD.org using -f
From: Koichiro Iwao <meta@FreeBSD.org>
Date: Wed, 27 Feb 2019 06:34:44 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r494024 - in head/security: softether softether-devel
 softether-devel/files softether/files
X-SVN-Group: ports-head
X-SVN-Commit-Author: meta
X-SVN-Commit-Paths: in head/security: softether softether-devel
 softether-devel/files softether/files
X-SVN-Commit-Revision: 494024
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: C7BEC8FCB7
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.98 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.98)[-0.977,0];
 NEURAL_HAM_LONG(-1.00)[-0.999,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2019 06:34:47 -0000

Author: meta
Date: Wed Feb 27 06:34:44 2019
New Revision: 494024
URL: https://svnweb.freebsd.org/changeset/ports/494024

Log:
  security/softether{,-devel}: do not spit out anything on libexec directory
  
  SoftEther client, bridge, server daemon unintendedly had spit on libexec
  directory up to this update. Spit out all runtime files, directories and
  logs on SE_DBDIR or SE_LOGDIR.
  
  While here,
  - Avoid all hardcoded use of /var/db/softether, /var/log/softether
    Respect SE_DBDIR and SE_LOGDIR defined in Makefile
  - Substitute these directories in pkg-message as well
  - Regenerate some patches
  - Bump PORTREVISION to force rebuild
  
  Sponsored by:	HAW International, Inc.

Added:
  head/security/softether-devel/files/patch-chain-certs-dir
     - copied unchanged from r494004, head/security/softether5/files/patch-chain-certs-dir
  head/security/softether-devel/files/patch-piddir
     - copied unchanged from r494004, head/security/softether5/files/patch-piddir
  head/security/softether-devel/files/pkg-message.in
     - copied, changed from r494023, head/security/softether-devel/pkg-message
  head/security/softether/files/patch-chain-certs-dir
     - copied unchanged from r493922, head/security/softether5/files/patch-chain-certs-dir
  head/security/softether/files/patch-piddir
     - copied unchanged from r493922, head/security/softether5/files/patch-piddir
  head/security/softether/files/pkg-message.in
     - copied, changed from r494023, head/security/softether/pkg-message
Deleted:
  head/security/softether-devel/files/patch-src__Cedar__Cedar.h
  head/security/softether-devel/files/patch-src__Cedar__Client.h
  head/security/softether-devel/files/patch-src__Cedar__Nat.h
  head/security/softether-devel/files/patch-src__Cedar__Server.c
  head/security/softether-devel/files/patch-src__Mayaqua__Cfg.c
  head/security/softether-devel/files/patch-src__Mayaqua__Cfg.h
  head/security/softether-devel/files/patch-src__Mayaqua__Kernel.c
  head/security/softether-devel/files/patch-src__Mayaqua__Table.h
  head/security/softether-devel/files/patch-src__Mayaqua__Unix.c
  head/security/softether-devel/pkg-message
  head/security/softether/files/patch-src__Cedar__Cedar.h
  head/security/softether/files/patch-src__Cedar__Client.h
  head/security/softether/files/patch-src__Cedar__Nat.h
  head/security/softether/files/patch-src__Cedar__Server.c
  head/security/softether/files/patch-src__Mayaqua__Cfg.c
  head/security/softether/files/patch-src__Mayaqua__Cfg.h
  head/security/softether/files/patch-src__Mayaqua__Kernel.c
  head/security/softether/files/patch-src__Mayaqua__Table.h
  head/security/softether/files/patch-src__Mayaqua__Unix.c
  head/security/softether/pkg-message
Modified:
  head/security/softether-devel/Makefile
  head/security/softether-devel/pkg-plist
  head/security/softether/Makefile
  head/security/softether/files/extra-patch-unrestrict-enterprise-functions
  head/security/softether/pkg-plist

Modified: head/security/softether-devel/Makefile
==============================================================================
--- head/security/softether-devel/Makefile	Wed Feb 27 06:09:17 2019	(r494023)
+++ head/security/softether-devel/Makefile	Wed Feb 27 06:34:44 2019	(r494024)
@@ -2,6 +2,7 @@
 
 PORTNAME=	softether
 DISTVERSION=	4.28-9669-beta
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	https://www.softether-download.com/files/softether/v${DISTVERSION}-2018.09.11-tree/Source_Code/
 PKGNAMESUFFIX=	-devel
@@ -22,7 +23,6 @@ USE_RC_SUBR=	softether_bridge softether_client softeth
 
 DOS2UNIX_FILES=	ChangeLog LICENSE README *.TXT \
 		src/Cedar/*.* src/Mayaqua/*.*
-SUB_FILES=	vpncmd
 
 OPTIONS_DEFINE=	DOCS UNLOCK
 
@@ -39,9 +39,11 @@ UNLOCK_EXTRA_PATCHES=	${FILESDIR}/extra-patch-unrestri
 CONFLICTS_INSTALL=	softether-4.* softether5
 PORTDOCS=	AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
 
-LOGDIR?=	/var/log/softether
-PLIST_SUB=	LOGDIR="${LOGDIR}"
-SUB_LIST=	LOGDIR="${LOGDIR}"
+SE_DBDIR?=	/var/db/${PORTNAME}
+SE_LOGDIR?=	/var/log/${PORTNAME}
+PLIST_SUB=	SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_LIST=	SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_FILES=	pkg-message vpncmd
 
 CPPFLAGS+=	-I${LOCALBASE}/include
 LDFLAGS+=	-L${LOCALBASE}/lib
@@ -54,6 +56,52 @@ ALL_TARGET=	build
 .include <bsd.port.options.mk>
 
 post-patch:
+	# SoftEther scatters logs, config files and PID files in PREFIX/libexec
+	# directory. To write them in the right place, replace it.
+	${REINPLACE_CMD} \
+		-e "s|@vpn_server_template|${SE_DBDIR}/vpn_server_template|" \
+		-e "s|@vpn_server|${SE_DBDIR}/vpn_server|" \
+		-e "s|@vpn_bridge|${SE_DBDIR}/vpn_bridge|" \
+		-e "s|@vpn_gate_svc|${SE_DBDIR}/vpn_gate_svc|" \
+		-e "s|@vpn_gate_relay|${SE_DBDIR}/vpn_gate_relay|" \
+		${WRKSRC}/src/Cedar/Server.c
+
+	${REINPLACE_CMD} \
+		-e "s|@adminip|${SE_DBDIR}/adminip|" \
+		-e "s|@etherlogger|${SE_DBDIR}/etherlogger|" \
+		-e "s|@vpn_client|${SE_DBDIR}/vpn_client|" \
+		-e "s|@vpn_router|${SE_DBDIR}/vpn_router|" \
+		-e "s|@custom|${SE_DBDIR}/custom|" \
+		-e "s|@backup|${SE_DBDIR}/backup|" \
+		-e "s|@save_binary|${SE_DBDIR}/save_binary|" \
+		-e "s|@lang|${SE_DBDIR}/lang|" \
+		-e "s|@azureserver|${SE_DBDIR}/azureserver|" \
+		-e "s|@server_log|${SE_LOGDIR}/server|" \
+		-e "s|@security_log|${SE_LOGDIR}/security|" \
+		-e "s|@packet_log|${SE_LOGDIR}/packet|" \
+		-e "s|@secure_nat_log|${SE_LOGDIR}/secure_nat|" \
+		-e "s|@client_log|${SE_LOGDIR}/client|" \
+		-e "s|@tiny_log|${SE_LOGDIR}/tiny|" \
+		-e "s|@carrier_log|${SE_LOGDIR}/carrier|" \
+		-e "s|@etherlogger_log|${SE_LOGDIR}/etherlogger|" \
+		${WRKSRC}/src/Cedar/Cedar.h \
+		${WRKSRC}/src/Cedar/Client.h \
+		${WRKSRC}/src/Cedar/Nat.h \
+		${WRKSRC}/src/Cedar/Server.c \
+		${WRKSRC}/src/Mayaqua/Cfg.c \
+		${WRKSRC}/src/Mayaqua/Cfg.h \
+		${WRKSRC}/src/Mayaqua/Table.h
+
+	${REINPLACE_CMD} \
+		-e "s|abort_error_log\.txt|${SE_LOGDIR}/abort_error_log.txt|" \
+		${WRKSRC}/src/Mayaqua/Kernel.c
+
+	${REINPLACE_CMD} \
+		-e "s|%%SE_DBDIR%%|${SE_DBDIR}|g" \
+		${WRKSRC}/src/Cedar/Protocol.c \
+		${WRKSRC}/src/Mayaqua/Unix.c \
+		${WRKSRC}/src/Mayaqua/Network.c
+
 	# skip configure at all and copy the corresponding Makefile in place
 .if ${ARCH} != "amd64"
 	@${CP} ${WRKSRC}/src/makefiles/freebsd_32bit.mak ${WRKSRC}/Makefile
@@ -78,7 +126,8 @@ do-install:
 	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/${PORTNAME}/${i}
 .endfor
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	@${MKDIR} ${STAGEDIR}${LOGDIR}
+	@${MKDIR} ${STAGEDIR}${SE_DBDIR}
+	@${MKDIR} ${STAGEDIR}${SE_LOGDIR}
 .for doc in ${PORTDOCS}
 	${INSTALL_DATA} ${WRKSRC}/${doc} ${STAGEDIR}${DOCSDIR}
 .endfor

Copied: head/security/softether-devel/files/patch-chain-certs-dir (from r494004, head/security/softether5/files/patch-chain-certs-dir)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/softether-devel/files/patch-chain-certs-dir	Wed Feb 27 06:34:44 2019	(r494024, copy of r494004, head/security/softether5/files/patch-chain-certs-dir)
@@ -0,0 +1,31 @@
+--- src/Cedar/Protocol.c.orig	2019-02-03 19:43:50 UTC
++++ src/Cedar/Protocol.c
+@@ -58,7 +58,7 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save
+ 		wchar_t exedir[MAX_SIZE];
+ 
+ 		GetExeDirW(exedir, sizeof(exedir));
+-		CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++		CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 		MakeDirExW(dirname);
+ 
+ 		if (auto_save)
+@@ -365,7 +365,7 @@ void AddAllChainCertsToCertList(LIST *o)
+ 
+ 	GetExeDirW(exedir, sizeof(exedir));
+ 
+-	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++	CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 
+ 	MakeDirExW(dirname);
+ 
+--- src/Mayaqua/Network.c.orig	2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Network.c
+@@ -11520,7 +11520,7 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx
+ 
+ 	GetExeDirW(exedir, sizeof(exedir));
+ 
+-	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++	CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 
+ 	MakeDirExW(dirname);
+ 

Copied: head/security/softether-devel/files/patch-piddir (from r494004, head/security/softether5/files/patch-piddir)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/softether-devel/files/patch-piddir	Wed Feb 27 06:34:44 2019	(r494024, copy of r494004, head/security/softether5/files/patch-piddir)
@@ -0,0 +1,29 @@
+--- src/Mayaqua/Unix.c.orig	2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Unix.c
+@@ -774,7 +774,7 @@ void *UnixNewSingleInstance(char *instance_name)
+ 	GetExeDir(dir, sizeof(dir));
+ 
+ 	// File name generation
+-	Format(name, sizeof(name), "%s/.%s", dir, tmp);
++	Format(name, sizeof(name), "%%SE_DBDIR%%/.%s", tmp);
+ 
+ 	fd = open(name, O_WRONLY);
+ 	if (fd == -1)
+@@ -2194,7 +2194,7 @@ void UnixGenPidFileName(char *name, UINT size)
+ 	Md5(hash, exe_name, StrLen(exe_name));
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.pid_%s", dir, tmp1);
++	Format(name, size, "%%SE_DBDIR%%/.pid_%s", tmp1);
+ }
+ 
+ // Delete the PID file
+@@ -2239,7 +2239,7 @@ void UnixGenCtlFileName(char *name, UINT size)
+ 	Md5(hash, exe_name, StrLen(exe_name));
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.ctl_%s", dir, tmp1);
++	Format(name, size, "%%SE_DBDIR%%/.ctl_%s", tmp1);
+ }
+ 
+ // Write the CTL file

Copied and modified: head/security/softether-devel/files/pkg-message.in (from r494023, head/security/softether-devel/pkg-message)
==============================================================================
--- head/security/softether-devel/pkg-message	Wed Feb 27 06:09:17 2019	(r494023, copy source)
+++ head/security/softether-devel/files/pkg-message.in	Wed Feb 27 06:34:44 2019	(r494024)
@@ -17,6 +17,8 @@ Please note client and bridge functionality is not ful
 supported on FreeBSD right now.
 
 When removing SoftEther VPN without the desire to reinstall, please
-ensure to remove the directory /var/db/softether as well.
+ensure to remove the following dirctories as well:
+- %%SE_DBDIR%%
+- %%SE_LOGDIR%%
 
 **************************************************************************

Modified: head/security/softether-devel/pkg-plist
==============================================================================
--- head/security/softether-devel/pkg-plist	Wed Feb 27 06:09:17 2019	(r494023)
+++ head/security/softether-devel/pkg-plist	Wed Feb 27 06:34:44 2019	(r494024)
@@ -5,4 +5,5 @@ libexec/softether/vpncmd
 libexec/softether/vpnserver
 sbin/vpncmd
 @dir libexec/softether
-@dir %%LOGDIR%%
+@dir %%SE_DBDIR%%
+@dir %%SE_LOGDIR%%

Modified: head/security/softether/Makefile
==============================================================================
--- head/security/softether/Makefile	Wed Feb 27 06:09:17 2019	(r494023)
+++ head/security/softether/Makefile	Wed Feb 27 06:34:44 2019	(r494024)
@@ -2,7 +2,7 @@
 
 PORTNAME=	softether
 DISTVERSION=	4.25-9656
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	https://www.softether-download.com/files/softether/v${DISTVERSION}-rtm-2018.01.15-tree/Source_Code/
 DISTNAME=	${PORTNAME}-src-v${DISTVERSION}-rtm
@@ -22,7 +22,6 @@ USE_RC_SUBR=	softether_bridge softether_client softeth
 
 DOS2UNIX_FILES=	ChangeLog LICENSE README *.TXT \
 		src/Cedar/*.* src/Mayaqua/*.*
-SUB_FILES=	vpncmd
 
 OPTIONS_DEFINE=	DOCS UNLOCK
 
@@ -39,9 +38,11 @@ UNLOCK_EXTRA_PATCHES=	${FILESDIR}/extra-patch-unrestri
 CONFLICTS_INSTALL=	softether-devel-4.* softether5
 PORTDOCS=	AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
 
-LOGDIR?=	/var/log/softether
-PLIST_SUB=	LOGDIR="${LOGDIR}"
-SUB_LIST=	LOGDIR="${LOGDIR}"
+SE_DBDIR?=	/var/db/${PORTNAME}
+SE_LOGDIR?=	/var/log/${PORTNAME}
+PLIST_SUB=	SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_LIST=	SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_FILES=	pkg-message vpncmd
 
 CPPFLAGS+=	-I${LOCALBASE}/include
 LDFLAGS+=	-L${LOCALBASE}/lib
@@ -54,6 +55,52 @@ ALL_TARGET=	build
 .include <bsd.port.options.mk>
 
 post-patch:
+	# SoftEther scatters logs, config files and PID files in PREFIX/libexec
+	# directory. To write them in the right place, replace it.
+	${REINPLACE_CMD} \
+		-e "s|@vpn_server_template|${SE_DBDIR}/vpn_server_template|" \
+		-e "s|@vpn_server|${SE_DBDIR}/vpn_server|" \
+		-e "s|@vpn_bridge|${SE_DBDIR}/vpn_bridge|" \
+		-e "s|@vpn_gate_svc|${SE_DBDIR}/vpn_gate_svc|" \
+		-e "s|@vpn_gate_relay|${SE_DBDIR}/vpn_gate_relay|" \
+		${WRKSRC}/src/Cedar/Server.c
+
+	${REINPLACE_CMD} \
+		-e "s|@adminip|${SE_DBDIR}/adminip|" \
+		-e "s|@etherlogger|${SE_DBDIR}/etherlogger|" \
+		-e "s|@vpn_client|${SE_DBDIR}/vpn_client|" \
+		-e "s|@vpn_router|${SE_DBDIR}/vpn_router|" \
+		-e "s|@custom|${SE_DBDIR}/custom|" \
+		-e "s|@backup|${SE_DBDIR}/backup|" \
+		-e "s|@save_binary|${SE_DBDIR}/save_binary|" \
+		-e "s|@lang|${SE_DBDIR}/lang|" \
+		-e "s|@azureserver|${SE_DBDIR}/azureserver|" \
+		-e "s|@server_log|${SE_DIR}/server|" \
+		-e "s|@security_log|${SE_LOGDIR}/security|" \
+		-e "s|@packet_log|${SE_LOGDIR}/packet|" \
+		-e "s|@secure_nat_log|${SE_LOGDIR}/secure_nat|" \
+		-e "s|@client_log|${SE_LOGDIR}/client|" \
+		-e "s|@tiny_log|${SE_LOGDIR}/tiny|" \
+		-e "s|@carrier_log|${SE_LOGDIR}/carrier|" \
+		-e "s|@etherlogger_log|${SE_LOGDIR}/etherlogger|" \
+		${WRKSRC}/src/Cedar/Cedar.h \
+		${WRKSRC}/src/Cedar/Client.h \
+		${WRKSRC}/src/Cedar/Nat.h \
+		${WRKSRC}/src/Cedar/Server.c \
+		${WRKSRC}/src/Mayaqua/Cfg.c \
+		${WRKSRC}/src/Mayaqua/Cfg.h \
+		${WRKSRC}/src/Mayaqua/Table.h
+
+	${REINPLACE_CMD} \
+		-e "s|abort_error_log\.txt|${SE_LOGDIR}/abort_error_log.txt|" \
+		${WRKSRC}/src/Mayaqua/Kernel.c
+
+	${REINPLACE_CMD} \
+		-e "s|%%SE_DBDIR%%|${SE_DBDIR}|g" \
+		${WRKSRC}/src/Cedar/Protocol.c \
+		${WRKSRC}/src/Mayaqua/Unix.c \
+		${WRKSRC}/src/Mayaqua/Network.c
+
 	# skip configure at all and copy the corresponding Makefile in place
 .if ${ARCH} != "amd64"
 	@${CP} ${WRKSRC}/src/makefiles/freebsd_32bit.mak ${WRKSRC}/Makefile
@@ -78,7 +125,8 @@ do-install:
 	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/${PORTNAME}/${i}
 .endfor
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	@${MKDIR} ${STAGEDIR}${LOGDIR}
+	@${MKDIR} ${STAGEDIR}${SE_DBDIR}
+	@${MKDIR} ${STAGEDIR}${SE_LOGDIR}
 .for doc in ${PORTDOCS}
 	${INSTALL_DATA} ${WRKSRC}/${doc} ${STAGEDIR}${DOCSDIR}
 .endfor

Modified: head/security/softether/files/extra-patch-unrestrict-enterprise-functions
==============================================================================
--- head/security/softether/files/extra-patch-unrestrict-enterprise-functions	Wed Feb 27 06:09:17 2019	(r494023)
+++ head/security/softether/files/extra-patch-unrestrict-enterprise-functions	Wed Feb 27 06:34:44 2019	(r494024)
@@ -1,8 +1,6 @@
-diff --git src/Cedar/Server.c src/Cedar/Server.c
-index 2a100ec..ee58f37 100644
---- src/Cedar/Server.c
+--- src/Cedar/Server.c.orig	2016-04-24 14:49:31 UTC
 +++ src/Cedar/Server.c
-@@ -10859,23 +10859,7 @@ bool SiCheckCurrentRegion(CEDAR *c, char *r)
+@@ -10822,23 +10822,7 @@ bool SiCheckCurrentRegion(CEDAR *c, char
  // 
  bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c)
  {

Copied: head/security/softether/files/patch-chain-certs-dir (from r493922, head/security/softether5/files/patch-chain-certs-dir)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/softether/files/patch-chain-certs-dir	Wed Feb 27 06:34:44 2019	(r494024, copy of r493922, head/security/softether5/files/patch-chain-certs-dir)
@@ -0,0 +1,31 @@
+--- src/Cedar/Protocol.c.orig	2019-02-03 19:43:50 UTC
++++ src/Cedar/Protocol.c
+@@ -58,7 +58,7 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save
+ 		wchar_t exedir[MAX_SIZE];
+ 
+ 		GetExeDirW(exedir, sizeof(exedir));
+-		CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++		CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 		MakeDirExW(dirname);
+ 
+ 		if (auto_save)
+@@ -365,7 +365,7 @@ void AddAllChainCertsToCertList(LIST *o)
+ 
+ 	GetExeDirW(exedir, sizeof(exedir));
+ 
+-	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++	CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 
+ 	MakeDirExW(dirname);
+ 
+--- src/Mayaqua/Network.c.orig	2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Network.c
+@@ -11520,7 +11520,7 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx
+ 
+ 	GetExeDirW(exedir, sizeof(exedir));
+ 
+-	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++	CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs");
+ 
+ 	MakeDirExW(dirname);
+ 

Copied: head/security/softether/files/patch-piddir (from r493922, head/security/softether5/files/patch-piddir)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/softether/files/patch-piddir	Wed Feb 27 06:34:44 2019	(r494024, copy of r493922, head/security/softether5/files/patch-piddir)
@@ -0,0 +1,29 @@
+--- src/Mayaqua/Unix.c.orig	2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Unix.c
+@@ -774,7 +774,7 @@ void *UnixNewSingleInstance(char *instance_name)
+ 	GetExeDir(dir, sizeof(dir));
+ 
+ 	// File name generation
+-	Format(name, sizeof(name), "%s/.%s", dir, tmp);
++	Format(name, sizeof(name), "%%SE_DBDIR%%/.%s", tmp);
+ 
+ 	fd = open(name, O_WRONLY);
+ 	if (fd == -1)
+@@ -2194,7 +2194,7 @@ void UnixGenPidFileName(char *name, UINT size)
+ 	Md5(hash, exe_name, StrLen(exe_name));
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.pid_%s", dir, tmp1);
++	Format(name, size, "%%SE_DBDIR%%/.pid_%s", tmp1);
+ }
+ 
+ // Delete the PID file
+@@ -2239,7 +2239,7 @@ void UnixGenCtlFileName(char *name, UINT size)
+ 	Md5(hash, exe_name, StrLen(exe_name));
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.ctl_%s", dir, tmp1);
++	Format(name, size, "%%SE_DBDIR%%/.ctl_%s", tmp1);
+ }
+ 
+ // Write the CTL file

Copied and modified: head/security/softether/files/pkg-message.in (from r494023, head/security/softether/pkg-message)
==============================================================================
--- head/security/softether/pkg-message	Wed Feb 27 06:09:17 2019	(r494023, copy source)
+++ head/security/softether/files/pkg-message.in	Wed Feb 27 06:34:44 2019	(r494024)
@@ -17,6 +17,8 @@ Please note client and bridge functionality is not ful
 supported on FreeBSD right now.
 
 When removing SoftEther VPN without the desire to reinstall, please
-ensure to remove the directory /var/db/softether as well.
+ensure to remove the following dirctories as well:
+- %%SE_DBDIR%%
+- %%SE_LOGDIR%%
 
 **************************************************************************

Modified: head/security/softether/pkg-plist
==============================================================================
--- head/security/softether/pkg-plist	Wed Feb 27 06:09:17 2019	(r494023)
+++ head/security/softether/pkg-plist	Wed Feb 27 06:34:44 2019	(r494024)
@@ -5,4 +5,5 @@ libexec/softether/vpncmd
 libexec/softether/vpnserver
 sbin/vpncmd
 @dir libexec/softether
-@dir %%LOGDIR%%
+@dir %%SE_DBDIR%%
+@dir %%SE_LOGDIR%%